chn/nixos
1
0
Fork 0
mirror of https://github.com/CHN-beta/nixos.git synced 2026-01-12 04:19:22 +08:00
Code Issues Packages Projects Releases Wiki Activity

Compare commits

merge into: chn:xanmod
Branches Tags
chn:production chn:next chn:legacy-2505 chn:archive chn:edge chn:a30 chn:hpcstat chn:rocm chn:nas-alderlake chn:one-fprint chn:rog-x chn:sbatch-add-fdtd chn:r2s chn:steamdeck chn:biu chn:sbatch-tui chn:sops chn:srv1 chn:srv1-archive chn:srv1-add-zgq chn:switch-srv2 chn:xray-debug chn:srv2-debug chn:srv2-notice chn:temp chn:staging chn:debug chn:wannier-tools chn:next-pc chn:fix-libvirt chn:add-pen chn:libvirt-cow chn:test-nfs chn:wg-stage chn:hdf5-slurm chn:vasp-debug chn:container chn:debug-nfs chn:test-impermanence chn:xmuserver chn:pc chn:test-motd chn:nvhpc chn:root chn:srv-archive chn:xmuserver-archive chn:python chn:test-bindmount chn:test-keyd chn:srv chn:vasp chn:ufo chn:ip-debug chn:nex chn:blog chn:fcitx5 chn:winjob chn:winjob-old-design chn:ollama chn:server chn:vps6 chn:chn-bsub chn:test-nvidia chn:bug chn:next-debug chn:krfb chn:xray chn:split-desktop-server chn:pi chn:envfs chn:main chn:dae chn:xmupc2 chn:xrdp chn:ipfs chn:xmupc1 chn:mumax chn:slurm chn:blas chn:firefox chn:color chn:gpu chn:nvidia chn:xanmod chn:rsshub chn:ttyd chn:fix-efishell chn:device chn:misskey chn:power chn:native chn:meilisearch-migration chn:nixos-23.05 chn:nginx chn:ua chn:vps7-freshrss chn:nvme-bug chn:yoga chn:kernel-lts chn:nas-beesd chn:vps7-beesd chn:vps6-beesd chn:phonopy chn:tested chn:docker chn:test-nebula chn:test-nebula-nas chn:stable chn:benchmark chn:ccache-bug-report
chn:try-to-fix-rtkit-pipewire
...
pull from: chn:xmupc2
Branches Tags
chn:production chn:next chn:legacy-2505 chn:archive chn:edge chn:a30 chn:hpcstat chn:rocm chn:nas-alderlake chn:one-fprint chn:rog-x chn:sbatch-add-fdtd chn:r2s chn:steamdeck chn:biu chn:sbatch-tui chn:sops chn:srv1 chn:srv1-archive chn:srv1-add-zgq chn:switch-srv2 chn:xray-debug chn:srv2-debug chn:srv2-notice chn:temp chn:staging chn:debug chn:wannier-tools chn:next-pc chn:fix-libvirt chn:add-pen chn:libvirt-cow chn:test-nfs chn:wg-stage chn:hdf5-slurm chn:vasp-debug chn:container chn:debug-nfs chn:test-impermanence chn:xmuserver chn:pc chn:test-motd chn:nvhpc chn:root chn:srv-archive chn:xmuserver-archive chn:python chn:test-bindmount chn:test-keyd chn:srv chn:vasp chn:ufo chn:ip-debug chn:nex chn:blog chn:fcitx5 chn:winjob chn:winjob-old-design chn:ollama chn:server chn:vps6 chn:chn-bsub chn:test-nvidia chn:bug chn:next-debug chn:krfb chn:xray chn:split-desktop-server chn:pi chn:envfs chn:main chn:dae chn:xmupc2 chn:xrdp chn:ipfs chn:xmupc1 chn:mumax chn:slurm chn:blas chn:firefox chn:color chn:gpu chn:nvidia chn:xanmod chn:rsshub chn:ttyd chn:fix-efishell chn:device chn:misskey chn:power chn:native chn:meilisearch-migration chn:nixos-23.05 chn:nginx chn:ua chn:vps7-freshrss chn:nvme-bug chn:yoga chn:kernel-lts chn:nas-beesd chn:vps7-beesd chn:vps6-beesd chn:phonopy chn:tested chn:docker chn:test-nebula chn:test-nebula-nas chn:stable chn:benchmark chn:ccache-bug-report
chn:try-to-fix-rtkit-pipewire

166 Commits
xanmod ... xmupc2

Author SHA1 Message Date
chn
075a5f255f devices.xmupc2: init 2024-03-09 12:53:32 +08:00
chn
097010113d system.fileSystems.rollingRootfs: fix 2024-03-08 18:43:42 +08:00
chn
f9f0d5137a packages: add tor-browser 2024-03-08 14:55:16 +08:00
chn
22d557b12c services.xrdp: only enable optimise on explicit request 2024-03-08 14:22:15 +08:00
chn
2dd85db093 services.xrdp: add optimise 2024-03-08 13:51:10 +08:00
chn
41d3ca3dbe Merge branch 'production' into xrdp 2024-03-08 12:50:46 +08:00
chn
409091a2e3 暂存 2024-03-07 20:36:41 +08:00
chn
2d3c9a93f7 devices.pc: add amd config 2024-03-07 20:34:58 +08:00
chn
a146636de2 devices.pc: use prime offload as default 2024-03-07 20:34:58 +08:00
chn
b45c68a431 devices.pc: switch to amd+nvidia sync 2024-03-07 20:34:58 +08:00
chn
b07e09c94e move secrets to devices 2024-03-07 18:10:10 +08:00
chn
e9413380d4 system.networking.nebula: remove 2024-03-07 18:03:24 +08:00
chn
a0ae0522d7 devices.pc: enable colord 2024-03-07 00:35:20 +08:00
chn
2f59817b22 devices.pc: use wayland 2024-03-07 00:35:20 +08:00
chn
265b3d89b0 services.wireguard: fix 2024-03-07 00:32:49 +08:00
chn
2e8030fd5d devices.xmupc1: add note 2024-03-06 18:05:18 +08:00
chn
2c472400c8 devices.pc: fix gpu 2024-03-06 17:49:29 +08:00
chn
3edf4d340c packages.ssh: update key for hpc 2024-03-06 13:48:40 +08:00
chn
10b922975e packages: remove yuzu 2024-03-06 11:49:16 +08:00
chn
fff970f2a5 packages: add more packages 2024-03-06 11:49:16 +08:00
chn
19ab6c378e system: enable binfmt 2024-03-06 11:49:16 +08:00
chn
f75c150bc6 services.wireguard: fix 2024-03-06 11:10:04 +08:00
chn
2597870de1 packages.ssh: fix 2024-03-06 10:49:38 +08:00
chn
34cfe8cdd3 users.chn: surface add autostart 2024-03-06 10:32:18 +08:00
chn
cdd691ba1c 暂存 2024-03-04 20:58:44 +08:00
chn
71f3be8d2d services.xrdp: fix 2024-03-04 18:29:39 +08:00
chn
f312b3f53f services.nextcloud: fix 2024-03-04 12:08:53 +08:00
chn
02b1f1100d services.misskey: fix 2024-03-04 12:00:16 +08:00
chn
30ab9c6ea3 packages.ssh: update hpc key 2024-03-04 11:25:39 +08:00
chn
c4e9321982 localPackages.misskey: remove tensorflow dependency 2024-03-04 10:51:05 +08:00
chn
47946acd54 localPackages.misskey: update 2024-03-04 10:14:57 +08:00
chn
95e92f26cd hardware: remove halo-keyboard 2024-03-03 21:36:16 +08:00
chn
2240d9655b force disable xrdp currenty 2024-03-03 21:35:00 +08:00
chn
3e99e33690 localPackages.mirism: fix 2024-03-03 19:53:47 +08:00
chn
df041492cc system.kernel: use lts as default 2024-03-03 19:18:30 +08:00
chn
cb19a7e674 packages.ssh: fix 2024-03-03 00:06:31 +08:00
chn
9e4a57798f services.nextcloud: update apps 2024-03-02 22:06:41 +08:00
chn
818fad6a75 packages: add nextcloud 2024-03-02 13:52:38 +08:00
chn
9a9b5c009b packages: add mumax 2024-03-02 11:40:16 +08:00
chn
d126019fdc Merge branch 'next' into production 2024-03-02 10:52:19 +08:00
chn
0de2e097bb fix build 2024-03-02 10:49:51 +08:00
chn
72bfa4bbf9 update nix-vscode-extensions 2024-03-01 21:30:41 +08:00
chn
f5d4e60aa3 Merge branch 'mumax' into production 2024-03-01 21:12:16 +08:00
chn
8d5a663ae0 localPackages.mumax: init 2024-03-01 21:11:54 +08:00
chn
33ef334fb0 Revert "services.slurm: fix" 
This reverts commit 7850be2131.
 2024-03-01 19:38:55 +08:00
chn
7850be2131 services.slurm: fix 2024-03-01 19:31:44 +08:00
chn
d622d85546 services.xrdp: fix 2024-03-01 18:49:14 +08:00
chn
d54404d5bc services.slurm: fix database connection 2024-03-01 11:26:24 +08:00
chn
bc1cff1ae1 devices.pc: fix slurm 2024-03-01 11:08:35 +08:00
chn
9e7803df0d devices.pc: remove resumeCommands 2024-03-01 11:07:47 +08:00
chn
da89605fa7 remove nix-alien 2024-02-29 21:23:10 +08:00
chn
9e3adab1c7 packages: remove _prebuildPackages 2024-02-29 17:46:14 +08:00
chn
de23962a21 services.xray: add user 2024-02-29 17:10:31 +08:00
chn
f0beeb202c devices.pc: do not reload mt7921e on resume 2024-02-29 14:12:29 +08:00
chn
755f9f1204 update everything 
removed: chromiumos-touch-keyboard typora lmix dguibert-nur-packages cascade
 2024-02-28 22:10:42 +08:00
chn
6966b5f25b devices.xmupc1: enable snapper 2024-02-28 17:39:12 +08:00
chn
2030c3048f xmupc1: enable beesd 2024-02-28 14:37:12 +08:00
chn
26f9a01845 packages.vscode: add plugin 2024-02-28 13:22:52 +08:00
chn
97460cf9ff users: fix import 2024-02-27 21:27:26 +08:00
chn
2eb933599d services.slurm: allow overscribe on nodes 2024-02-27 20:21:22 +08:00
chn
82fb082006 devices.xmupc1: enable samba 2024-02-27 13:49:16 +08:00
chn
50a7839407 fix deploy 2024-02-27 13:21:13 +08:00
chn
bc82d0956d devices.xmupc1: enable xrdp 2024-02-27 13:17:54 +08:00
chn
8b329eabca fix 2024-02-27 12:56:43 +08:00
chn
5aeca3451d localPackages.hdf5-nvhpc: limit build 2024-02-27 12:52:04 +08:00
chn
4ea44a179e localPackages.vasp: export source 2024-02-27 12:47:15 +08:00
chn
dc0ac2a333 localPackages.vasp: use system-features to limit build 2024-02-27 12:21:44 +08:00
chn
bee788f30d revert: fix for znver3 2024-02-27 11:52:57 +08:00
chn
2649cc36df system.nix: keep-outputs = true 2024-02-27 11:19:29 +08:00
chn
09e2076eee fix build for znver3 2024-02-27 10:17:32 +08:00
chn
7fa8d58e3e devices.xmupc1: use remote build 2024-02-27 10:03:36 +08:00
chn
82f41d070c devices.xmupc1: add document 2024-02-27 09:52:24 +08:00
chn
eac0a49f51 devices.xmupc1: some fix 2024-02-26 21:03:38 +08:00
chn
380532ffbc hardware.nvidia: fix 2024-02-26 19:55:26 +08:00
chn
bca4d85c7b devices.xmupc1: autostart sddm 2024-02-26 19:39:38 +08:00
chn
864d739b68 add xmupc1 deploy 2024-02-26 19:36:44 +08:00
chn
2e14f31dcb services.slurm: fix 2024-02-26 19:34:40 +08:00
chn
b553e1cd21 system.gui: use x11 on nvidia 2024-02-26 14:39:49 +08:00
chn
e7c9de177c packages.plasma: fix 2024-02-26 14:36:55 +08:00
chn
086cc04512 packages.plasma: fix 2024-02-26 14:27:50 +08:00
chn
309812741a devices.xmupc1: re-encrypt 2024-02-26 14:05:00 +08:00
chn
a92eae2b67 packages.ssh: add more users to cdString 2024-02-26 13:29:55 +08:00
chn
89253105fd users: remove yxy 2024-02-26 13:27:33 +08:00
chn
fd416d5574 users: add test 2024-02-26 13:24:33 +08:00
chn
815819adb8 packages.plasma: setup for all user 2024-02-26 12:55:39 +08:00
chn
8cf5fa8635 services.fontconfig: fix 2024-02-26 12:48:49 +08:00
chn
38a96c5e56 devices.xmupc1: init 2024-02-26 12:17:27 +08:00
chn
90101eb222 localPackages.oneapi: add 2022.2 2024-02-25 18:59:54 +08:00
chn
890000b9ef localPackages.vasp: add intel 2024-02-25 17:40:43 +08:00
chn
b674075d49 localPackages.vasp: reorganize 2024-02-25 15:34:35 +08:00
chn
d7923aafe1 services.slurm: enable accounting 2024-02-25 15:04:44 +08:00
chn
2b20f5ab35 services.slurm: fix gui 2024-02-24 22:51:27 +08:00
chn
aa7662ef48 localPackages.vasp-gnu: rename 2024-02-24 22:45:02 +08:00
chn
adf2141297 packages: add mpi 2024-02-24 22:41:25 +08:00
chn
a609a3d6c1 localPackages.vasp: add 6.3.1 2024-02-24 22:40:16 +08:00
chn
a7d372c6a7 localPackages.oneapi: init 2024-02-24 22:11:58 +08:00
chn
2c8dca786e services.slurm: enable cuda support 2024-02-24 21:24:07 +08:00
chn
7edb16f163 packages.workstation: add nvtop 2024-02-24 19:13:56 +08:00
chn
7458744a1f localPackages.vasp-gpu: enable OPTCELL patch 2024-02-24 18:57:48 +08:00
chn
100f5241b1 localPackages.vasp-gpu: add hdf5 and wannier support 2024-02-24 18:52:12 +08:00
chn
29a98af8d4 localPackages.vasp-gpu: add vasp-6.3.1 2024-02-24 15:43:38 +08:00
chn
1bc85bc6af services.slurm: init 2024-02-24 15:21:47 +08:00
chn
a904be79b8 devices.vps6: enable beesd 2024-02-24 11:06:47 +08:00
chn
522eff0fad devices.vps6: disable snapper 2024-02-24 11:02:20 +08:00
chn
3fb9a0a63c services.beesd: use large hash table 2024-02-24 11:00:16 +08:00
chn
8928406161 devices.nas: enable snapper 2024-02-23 21:46:13 +08:00
chn
2c750d8b90 localPackages.vasp-gpu: fix 2024-02-23 18:29:19 +08:00
chn
b370ab0a88 devices.nas: disable snapper 2024-02-23 13:15:03 +08:00
chn
3d9a10f8b0 add xmupc1 to build list 2024-02-23 12:26:35 +08:00
chn
1742ff8cbd fix build for znver3 2024-02-23 12:05:35 +08:00
chn
4c3b25afca devices.surface: fix 2024-02-22 23:33:53 +08:00
chn
e5ba10751b users.chn.plasma.shortcuts: reset config on startup 2024-02-22 23:05:53 +08:00
chn
834d44fbf6 packages.server: add pydbus 2024-02-22 21:09:09 +08:00
chn
1cd3a3ff39 packages.xclip: fix 2024-02-22 21:08:12 +08:00
chn
8362b370e8 devices.nas: enable snapper 2024-02-22 14:16:44 +08:00
chn
185c001f3f packages.zsh: fix 2024-02-22 12:42:48 +08:00
chn
cfc6621074 users.chn.plasma.autostart: add crow-translate 2024-02-22 12:41:58 +08:00
chn
73445cf51b devices.xmupc1: fix 2024-02-21 18:59:15 +08:00
chn
8ff662be17 packages: add cpu-x and pdfgrep 2024-02-21 18:18:00 +08:00
chn
a3b9c2d29f packages.desktop-fat: use upstream typora 2024-02-21 16:48:02 +08:00
chn
c9552c0674 devices.xmupc1: init 2024-02-21 16:38:29 +08:00
chn
83b8690bce localPackages.vasp-gpu: fix 2024-02-21 16:18:34 +08:00
chn
b60a0e9b70 packages.zsh: fix history 2024-02-21 15:32:33 +08:00
chn
88609fafe4 localPackages.vasp: fix 2024-02-21 15:27:39 +08:00
chn
9204d9879b localPackages.nvhpc: use fhs to build 2024-02-21 14:00:27 +08:00
chn
f98887155e localPackages.lmod: fix install path 2024-02-21 11:29:47 +08:00
chn
77d268d883 systemm.nixpkgs: add cudatoolkit 2024-02-20 19:08:46 +08:00
chn
128b83a7c6 localPackages.nvhpc: allow multiple versions 2024-02-20 18:54:51 +08:00
chn
81ed72bf92 localPackages.vasp-gpu: init 2024-02-20 18:22:38 +08:00
chn
2aefcc5142 localPackages.lmod: init 2024-02-19 17:25:27 +08:00
chn
6b16d10a83 localPackages.nvhpc-sdk: init 2024-02-19 16:43:49 +08:00
chn
f7ff629c55 Revert "programs.aagl: move to desktop-fat" 
This reverts commit fd4e8ebdff.
 2024-02-19 11:13:34 +08:00
chn
61b3df7c82 services.vikunja: init 2024-02-18 22:59:49 +08:00
chn
fd4e8ebdff programs.aagl: move to desktop-fat 2024-02-18 22:48:13 +08:00
chn
8f623ff3df programs.chromium: move to desktop 2024-02-18 22:47:07 +08:00
chn
98817c89d4 localPackages.misskey: update 2024-02-17 21:05:24 +08:00
chn
983e9163e1 users.chn.plasma.wallpaper: add new wallpapers 2024-02-17 18:19:01 +08:00
chn
ea64073bbf users.chn.plasma.shortcuts: fix 2024-02-17 17:57:27 +08:00
chn
aa33572db7 users.chn.plasma.shortcuts: change some shortcuts 2024-02-17 17:02:23 +08:00
chn
21e8f3ec39 devices.pc: use x11 2024-02-17 15:56:25 +08:00
chn
8e2ff3d5a3 Revert "devices.pc: set QSG_RENDER_LOOP" 
This reverts commit 7125ae3be8.
 2024-02-17 15:56:16 +08:00
chn
7125ae3be8 devices.pc: set QSG_RENDER_LOOP 2024-02-17 15:50:08 +08:00
chn
810afe1df5 hardware.gpu: nvidia enable forceFullCompositionPipeline 2024-02-17 15:37:29 +08:00
chn
7ebb95aac2 devices.pc: switch to nvidia only 2024-02-17 15:15:20 +08:00
chn
b5ad8307dc packages.firefox: add plasma-integration 2024-02-17 07:03:22 +08:00
chn
385939522a devices.surface: restart iptsd on resume 2024-02-17 06:59:37 +08:00
chn
a3e1dce432 devices.surface: enable snapper 2024-02-17 06:55:26 +08:00
chn
e5288112e9 services.beesd: adjust hashTableSizeMB 2024-02-17 00:14:01 +08:00
chn
2396bdcd64 devices.surface: enable beesd, disable snapper 2024-02-16 23:34:49 +08:00
chn
63e4eb7bba devices.surface: enable wireguard 2024-02-16 22:33:29 +08:00
chn
c9fbc3b5bc flake: update firefox extensions 2024-02-16 17:02:52 +08:00
chn
a90f74fb77 packages: add nix-fast-build 2024-02-16 16:38:31 +08:00
chn
9b9493be53 system.kernel: add hibernate progress patch 2024-02-16 16:21:57 +08:00
chn
983decc8c1 packages.firefox: switch to lepton 2024-02-16 15:32:26 +08:00
chn
7d584a6563 hardware.gpu: fix 2024-02-16 15:01:24 +08:00
chn
7f8f65649b system.nix: increase max-jobs and max-substitution-jobs 2024-02-16 12:37:01 +08:00
chn
390c24aea9 devices.pc: reload mt7921e on resume 2024-02-16 12:36:23 +08:00
chn
98e75a2ab4 virtualization.docker: fix 2024-02-16 11:39:37 +08:00
chn
7c161d3521 devices.pc: use xcalib to load color profile 2024-02-16 10:50:12 +08:00
chn
7cb4c6ecec devices.pc: try to use colord 2024-02-16 10:48:24 +08:00
chn
aef16e54f1 devices.pc: add specialisation for nvidia graphic card 2024-02-16 10:04:07 +08:00
chn
536a96ce5e hardware.gpu: fix 2024-02-16 09:44:14 +08:00
chn
a94d6e3d21 devices.pc: switch to amd+nvidia 2024-02-15 23:20:56 +08:00
chn
0e09b925c2 hardware.gpu: rewrite 2024-02-15 23:17:20 +08:00
chn
9d1fae10d8 hardware: update nvidia driver 2024-02-15 20:28:51 +08:00
chn
ef1caae121 hardware: use default nvidia driver 2024-02-15 19:55:41 +08:00
113 changed files with 2873 additions and 1809 deletions
Expand all files Collapse all files

14
.sops.yaml
View File

@@ -5,34 +5,34 @@ keys: # cat /etc/ssh/ssh_host_ed25519_key.pub | ssh-to-age
- &vps7 age137x7csalutwvfygvvzpemlsywvdxj3j4z93a50z2sjx03w6zau8q3r5902
- &surface age1ck5vzs0xqx0jplmuksrkh45xwmkm2t05m2wyq5k2w2mnkmn79fxs6tvl3l
- &nas age19lhcwk37jmvn6z0v4dpdfh0k4u23f76twdjknc0p7atktf37rd7s4t4wj3
- &xmupc1 age19ax6vm3pv8rph5tq3mmehd9sy9jk823tw8svsd790r0lkslycquqvlwz9m
- &xmupc1 age1hnarptkze0ujpp05dqr8uma04cxg9zqcx68qgpks5uf5l6rpk5gqhh8wxg
creation_rules:
- path_regex: secrets/pc/.*$
- path_regex: devices/pc/secrets/.*$
key_groups:
- age:
- *chn
- *pc
- path_regex: secrets/vps6/.*$
- path_regex: devices/vps6/secrets/.*$
key_groups:
- age:
- *chn
- *vps6
- path_regex: secrets/vps7/.*$
- path_regex: devices/vps7/secrets/.*$
key_groups:
- age:
- *chn
- *vps7
- path_regex: secrets/nas/.*$
- path_regex: devices/nas/secrets/.*$
key_groups:
- age:
- *chn
- *nas
- path_regex: secrets/surface/.*$
- path_regex: devices/surface/secrets/.*$
key_groups:
- age:
- *chn
- *surface
- path_regex: secrets/xmupc1/.*$
- path_regex: devices/xmupc1/secrets/.*$
key_groups:
- age:
- *chn

14
devices/nas/default.nix
View File

@@ -37,21 +37,21 @@ inputs:
delayedMount = [ "/" "/nix" ];
};
swap = [ "/nix/swap/swap" ];
rollingRootfs = { device = "/dev/mapper/root1"; path = "/nix/rootfs"; };
rollingRootfs.device = "/dev/mapper/root1";
};
initrd.sshd.enable = true;
grub.installDevice = "efi";
nixpkgs.march = "silvermont";
nix.substituters = [ "https://cache.nixos.org/" "https://nix-store.chn.moe" ];
kernel.patches = [ "cjktty" ];
kernel.patches = [ "cjktty" "lantian" ];
networking.hostname = "nas";
gui.preferred = false;
};
hardware = { cpus = [ "intel" ]; gpus = [ "intel" ]; };
hardware = { cpus = [ "intel" ]; gpu.type = "intel"; };
packages.packageSet = "desktop-fat";
services =
{
snapper.enable = false;
snapper.enable = true;
fontconfig.enable = true;
samba =
{
@@ -59,7 +59,7 @@ inputs:
hostsAllowed = "192.168. 127.";
shares = { home.path = "/home"; root.path = "/"; };
};
sshd = { enable = true; passwordAuthentication = true; };
sshd.enable = true;
xray.client =
{
enable = true;
@@ -75,7 +75,7 @@ inputs:
enable = true;
instances =
{
root = { device = "/"; hashTableSizeMB = 2048; };
root = { device = "/"; hashTableSizeMB = 4096; threads = 4; };
nix = { device = "/nix"; hashTableSizeMB = 128; };
};
};
@@ -95,7 +95,7 @@ inputs:
wireguardIp = "192.168.83.4";
};
};
users.users = [ "chn" "xll" "zem" "yjq" "yxy" ];
users.users = [ "chn" "xll" "zem" "yjq" "gb" ];
};
};
}

8
secrets/nas/default.yaml → devices/nas/secrets/default.yaml
View File

@@ -1,14 +1,12 @@
xray-client:
uuid: ENC[AES256_GCM,data:97aX07G5FPumdWcDxnYOs6fRgljXWuwyNXGg1d7zdbUUfNnb,iv:+wAC/DZXsg+evYFA4DMfLw5Ut3ExQl1RgZ/2AsNQDpo=,tag:ebD77muITHof+FQMydWobg==,type:str]
nebula:
key: ENC[AES256_GCM,data:zWLXEH628ZVDZk7U/9zEXocJatCJr7hZrCmh/pifPlxVvVud5RQxLvgRvhQ=,iv:YFn7spiIcaW/l8dQZvGhsERi81L2RKLUE/55Bht0TMQ=,tag:fVdIRCMeT6o0lrGVDjCVlA==,type:str]
acme:
cloudflare.ini: ENC[AES256_GCM,data:/LpP1qoVS+CG+5ska6vtmagHNrhcgr5e1QRzDdbdCYGnDB8Nca/GmIogzHCXsogQY/rwGTCZoXLKKEGToYiThwk=,iv:R++I0ued2wrVsmM/vYvBVMOp9M7HyZIfDOVOlg7GALE=,tag:gYchPuh8MHk3EEnGb9g4WA==,type:str]
users:
xll: ENC[AES256_GCM,data:XLSsz6fZ23PPaJS1Y5C3FAOks3wzb2f+Pv8TgyKrDBfMeoLk1M37A00OGJ2wsYxkuR0JV6Uoh+hhRpTUjOQnmLfQrBxPxxP8DA==,iv:jxEZX/flxxduM1sdrYfGHfMtFMYduMg0Lr6hY1pkAPg=,tag:CYy0y1e2S2Txz1OSh+XDHA==,type:str]
zem: ENC[AES256_GCM,data:VCVLfGO9a06XhAOBciFf1u7A5jaQikAt2wZf+dCAi1BglXpM6Hof1yAunadYOwLOBFgGlP19kX53CBBlZtaqZFL2GRDzXP0woQ==,iv:AFYtHCCkzNrllN/fjQ8GKYs2TyV3uj3BsU5n1tBQAmM=,tag:5dP7c5N4yG2NS4T+Vg0Zpg==,type:str]
yjq: ENC[AES256_GCM,data:yn6eGrySCxlRsFioaE2p1qlTHkIGC9l64+edjuDvt232xc+iFeD03EYfuulyr0GxYFwnlAwtaJnyMi5eOrSd1W6HeV3Canzdbw==,iv:qTc6vA8uQza8CB+BvffEN9GqHkiwNM4h9RkqQR14ylk=,tag:UZ2GYCJLjcWLuVXlscLviw==,type:str]
yxy: ENC[AES256_GCM,data:71vjvwr29lfPCarnblpbW3WVyJK8EMV+cR4prc4AM3r0PG4z88P6i0IrzSy8XwkVPrEasfYXxn+vDbzXyi7kIWaWXrkjcyGTxg==,iv:LfkinvbIhchvgfgixIY8Wg6esrc+TOS4YWqRTJ0qfvw=,tag:mLPw6z8DOPrHsRpUHn3/gw==,type:str]
gb: ENC[AES256_GCM,data:jIR3EVdATYUgWmW4J8RdURJRmDBC84t0S/c2EzWwtFMtjgKlqg52fIfQ66i7RnIYRAoF+s4Ex0aLSejWgzQ69NA/AF0AIS7Y/Q==,iv:mvTCTP0E74QlvM8TcY4o49G5kNGs5HFx3YUrj6mCrwM=,tag:LXfIOyAB10XuHA6Cg7LBeQ==,type:str]
frp:
token: ENC[AES256_GCM,data:zYRZoWa3Llv0NiPXtSfhWUn+wt4uIcw8Wa+QBTzn7gLk6UVIA4FD7FLABBKoFbwg62Fo79Nn,iv:YZdOYkJf6BN76Z68nCtetKElJkqKiYmcx6UmLoIXSdo=,tag:5sC2vt3Z21KhgOU9mrfXhg==,type:str]
stcp:
@@ -43,8 +41,8 @@ sops:
by9Rd0U0bzNiK21BQTNxN1RuQ09DQVkKJmSlzV5ppEkZFljsS17ZWmoI++fz4tJh
kTdoAStG1zsKASHyZTsmdm3RBDO3qV1KhQC2gC7d4EiwNZngxOOZJg==
-----END AGE ENCRYPTED FILE-----
lastmodified: "2023-12-07T08:57:07Z"
mac: ENC[AES256_GCM,data:Ihd7p3JU6zwn5tI3XkINrNJcsxdFjTsLdVpZLUvQez2jiNWq1kGP4QeJSBzqq/1Sgowc/PdWULlw8T21LitQalhBwaODVt/dNk0gkHYqrlDMVD90/MthAPKy+vT4YLhBkDC5W00em1qEfLYo5IXazM/0e1aZ7QcwEpp5775ICPc=,iv:Yp32/LLdcDHxdmXnwqJ6OiOm/4mipMlccSRXMMgO8gc=,tag:5T5R4JiJUsbKGrHjfVw92Q==,type:str]
lastmodified: "2024-03-07T12:35:21Z"
mac: ENC[AES256_GCM,data:bR4PPHaGX6VCRP+Ze96sccnwYxnZkfpmJp6iMBzr+W3JRd0VjTEwTH8aNn1WIsNFXco+BCmwroJR07oKYnbusBYgiEeHnkhXvyAELETs7BitH8JrUtSsGs2wJDfkU9fWf6BNT7oHGpP69Tyrl+8v+Q8jyLV8kW8+c7uJPyT2ACQ=,iv:Hl2eX7TV6lgWjUim0m4r44Ji0c9QDH+qzpDyBOTeVp4=,tag:6xkFMQMwEP7IhpXEB4o+hQ==,type:str]
pgp: []
unencrypted_suffix: _unencrypted
version: 3.8.1

59
devices/pc/default.nix
View File

@@ -25,7 +25,7 @@ inputs:
};
swap = [ "/dev/mapper/swap" ];
resume = "/dev/mapper/swap";
rollingRootfs = { device = "/dev/mapper/root"; path = "/nix/rootfs"; };
rollingRootfs = {};
};
grub =
{
@@ -53,14 +53,14 @@ inputs:
};
nixpkgs =
{ march = "znver4"; cuda = { enable = true; capabilities = [ "8.9" ]; forwardCompat = false; }; };
kernel.patches = [ "cjktty" "lantian" ];
kernel.patches = [ "cjktty" "lantian" "hibernate-progress" ];
networking.hostname = "pc";
sysctl.laptop-mode = 5;
};
hardware =
{
cpus = [ "amd" ];
gpus = [ "nvidia" ];
gpu = { type = "amd+nvidia"; prime.busId = { amd = "8:0:0"; nvidia = "1:0:0"; }; dynamicBoost = true; };
bluetooth.enable = true;
joystick.enable = true;
printer.enable = true;
@@ -125,7 +125,7 @@ inputs:
nix-serve = { enable = true; hostname = "nix-store.chn.moe"; };
smartd.enable = true;
misskey.instances.misskey.hostname = "xn--qbtm095lrg0bfka60z.chn.moe";
beesd = { enable = true; instances.root = { device = "/"; hashTableSizeMB = 2048; threads = 4; }; };
beesd = { enable = true; instances.root = { device = "/"; hashTableSizeMB = 4096; threads = 4; }; };
wireguard =
{
enable = true;
@@ -133,14 +133,55 @@ inputs:
publicKey = "l1gFSDCeBxyf/BipXNvoEvVvLqPgdil84nmr5q6+EEw=";
wireguardIp = "192.168.83.3";
};
gamemode = { enable = true; drmDevice = 1; };
slurm = { enable = true; cpu = { cores = 16; threads = 2; }; memoryMB = 94208; gpus."4060" = 1; };
xrdp = { enable = true; hostname = [ "pc.chn.moe" ]; };
};
bugs = [ "xmunet" "backlight" "amdpstate" ];
};
# use plasma-x11 as default, instead of plasma-wayland
services.xserver.displayManager.defaultSession = inputs.lib.mkForce "plasma";
services.colord.enable = true;
virtualisation.virtualbox.host = { enable = true; enableExtensionPack = true; };
hardware.nvidia.forceFullCompositionPipeline = true;
home-manager.users.chn.config.programs.plasma.startup.autoStartScript.xcalib.text =
"${inputs.pkgs.xcalib}/bin/xcalib -d :0 ${./color/TPLCD_161B_Default.icm}";
specialisation =
{
nvidia.configuration =
{
nixos =
{
hardware.gpu.type = inputs.lib.mkForce "nvidia";
services.gamemode.drmDevice = inputs.lib.mkForce 0;
};
system.nixos.tags = [ "nvidia" ];
};
hybrid-sync.configuration =
{
nixos.hardware.gpu.prime.mode = "sync";
system.nixos.tags = [ "hybrid-sync" ];
};
amd.configuration =
{
nixos.hardware.gpu = { type = inputs.lib.mkForce "amd"; dynamicBoost = inputs.lib.mkForce false; };
boot =
{
extraModprobeConfig =
''
blacklist nouveau
options nouveau modeset=0
'';
blacklistedKernelModules = [ "nvidia" "nvidia_drm" "nvidia_modeset" ];
};
services.udev.extraRules =
''
# Remove NVIDIA USB xHCI Host Controller devices, if present
ACTION=="add", SUBSYSTEM=="pci", ATTR{vendor}=="0x10de", ATTR{class}=="0x0c0330", ATTR{power/control}="auto", ATTR{remove}="1"
# Remove NVIDIA USB Type-C UCSI devices, if present
ACTION=="add", SUBSYSTEM=="pci", ATTR{vendor}=="0x10de", ATTR{class}=="0x0c8000", ATTR{power/control}="auto", ATTR{remove}="1"
# Remove NVIDIA Audio devices, if present
ACTION=="add", SUBSYSTEM=="pci", ATTR{vendor}=="0x10de", ATTR{class}=="0x040300", ATTR{power/control}="auto", ATTR{remove}="1"
# Remove NVIDIA VGA/3D controller devices
ACTION=="add", SUBSYSTEM=="pci", ATTR{vendor}=="0x10de", ATTR{class}=="0x03[0-9]*", ATTR{power/control}="auto", ATTR{remove}="1"
'';
system.nixos.tags = [ "amd" ];
};
};
};
}

8
secrets/pc/default.yaml → devices/pc/secrets/default.yaml
View File

@@ -16,10 +16,10 @@ redis:
misskey-misskey: ENC[AES256_GCM,data:vcvQ/hs/F3BZd1sfvWwfEeB8vVoqdnprxobcmL6xsmg=,iv:S32yrjrjj56HbxTlfFGjOb+sO2M9KKEDEazCrpQWj6Q=,tag:iwnvqwQEdd6jicx9jJBdbg==,type:str]
meilisearch:
misskey-misskey: ENC[AES256_GCM,data:/wYR3Bz4LRk/Ks0vizlZS3Ebf5qVfnlBBqZEm/ZIBFdDuhddgu71cqCjTHIKQ6CYh3CoUyguKIIFWku/kOCHKA==,iv:dllKvZwxvZC4pVyEMOB9WNiVBsVxzo5kwbdYKCzzyrY=,tag:MvzqalVvBkyJoLbirN0V8Q==,type:str]
nebula:
key: ENC[AES256_GCM,data:kNm9hwMa/EhDeOCeZw1jEnroolTkeEeAxpSEDko6tHSDHwHbhfjr01ZzHKE=,iv:q2qCi99XgZJvRuF1dm16sK6BFIoa9QUN8p4LSiZq28o=,tag:ApOKdA91LBiWHv6TuXMkpA==,type:str]
wireguard:
privateKey: ENC[AES256_GCM,data:oIpiXJvEoyryS4eEutoe85Af0L5a5iNuOsCWCat9KEhr2ecY/vRimk/1fbA=,iv:dm2hTSNX7Q38yASon5o1jxEJZbWPXUWYydXYMBHF/sE=,tag:yrANhwIF/wHQGHGA1bfPgw==,type:str]
mariadb:
slurm: ENC[AES256_GCM,data:fGvNMmqk7Cee28VJ1QoBVrBbgIUbj/F1W0SRjdP8N4K/M8Wx4AVm1kAr0IAhPWyDLXlIjM1NUvuEV5BpYDBdjg==,iv:rFTMJ4x2kgENQUA8ftSaLjdOc25i5mWR3UYbdq54vjs=,tag:6feD0eCSv7bcHWBveLNJwg==,type:str]
sops:
kms: []
gcp_kms: []
@@ -44,8 +44,8 @@ sops:
OUlxNjdQaXdXMkZ6bnV1ek4yZ2dpbkEKpKGOAxo5Eef2jtGrg4iSzmGCeg+vTgvu
+K8b+O19MIkGMDBm6UbYUPtc/7eqoEZRiTUzNMTmfkLVS4ul5zou9A==
-----END AGE ENCRYPTED FILE-----
lastmodified: "2023-12-07T08:55:33Z"
mac: ENC[AES256_GCM,data:3WDgwrlyzb0QfhCpGEKSguLZpRE68APpUclQaP4/2O5pX8E/HZ9tXVQNNVeOqozHWIe8sM5/kvY4vXEiXc1t2qrJk4JdPNI7fMIWf7QAYQWcFDNbSquUNp1VSmNp3Aka3xSS1wyVWnQOs6JY9rdbmeOcLQq0jE2sNDvivtBeJJQ=,iv:xt94toLZ91J9Twigu4FiyeYIg27u9oPkzduCUaLIgts=,tag:chf+LnNJMrnMf191BorOvg==,type:str]
lastmodified: "2024-03-07T12:35:41Z"
mac: ENC[AES256_GCM,data:Krgtb791wR+S0PQyV2h0Uyh7MKx9fOTHbetmgLoiGOHL8FMSvmWt3LCMQy+RyjnOIj9XRwb8l+kyTqkgeN4zEfKd1uuOh95Z/hLWhCkWs4dPaBu6Uw4aekH9ZUmQJZIr1lt2AIayRsVjaU0dIl4FOcLW+93ls95aluhvPPloJX0=,iv:MmJFdVpF4ZfxMRwbxPV/TC1Qt957vl0QvU0MZzUWdm8=,tag:6+VVFDdPSTycxnKO7Td6VA==,type:str]
pgp: []
unencrypted_suffix: _unencrypted
version: 3.8.1

24
devices/pc/secrets/munge.key Normal file
View File

@@ -0,0 +1,24 @@
{
"data": "ENC[AES256_GCM,data:ftogJ/2oPME8sVbyNAuI3t3GEzUmdCadyjf2g/bjGNx3AoV0jU0SDxnBLDFfoR1rEtV00zfgCMPDGsEXavg+QVvoICpvvhckXMOLXe37H3Ff0wDVJtL4BBIK3oVh/SiYaRm/+uR0x6HW37KX50RRvKvpQoRdMVNnvtKbMjmQVIA=,iv:MOHfTIavoU643K10jSR3HruzoofOqqVspYgiaLc294o=,tag:zjDTPKwAOh/nqkquvAQpbw==,type:str]",
"sops": {
"kms": null,
"gcp_kms": null,
"azure_kv": null,
"hc_vault": null,
"age": [
{
"recipient": "age19ax6vm3pv8rph5tq3mmehd9sy9jk823tw8svsd790r0lkslycquqvlwz9m",
"enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSA5TTB1bHFXcDhoMk1QVzJ0\nUUplcGVBVUhoOEt0Rnc2ZStDUUpjZmV0eGpvCjFQSGl4TjlMT2R5RExNZWxwOUtz\nSWhhSUtFN0JISzJhclpCMFZDQ09jK28KLS0tIGJydDNoY3hBbEhBYUNYZGZCaWpQ\nQnVDalJCcWpIRTdVaWkzeGVNSGpDRWsKWXoMC8NApfenn191aRwdAjD0iM5+C3R6\nXKpHxfhc1Gf6paxBhketFU+AwWsKiBDKh0gntV49F+YSriPa7uI3FA==\n-----END AGE ENCRYPTED FILE-----\n"
},
{
"recipient": "age1ffvr5pqd2lfj24e3fh53s92z6h76fda3du4y4k6r3yjumdwvpfgqzj033a",
"enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSAzclYwVjdOZnQ1Y2dlUi9n\naXQya21QVHZ0KzMxTkVuTEJuazB4WklqdFdvCmpMd0h6OXUvZSttOFpmeUdsSlNs\nQkhQaVJqVFdidFNMejljV2h3WUFTaFUKLS0tIGNBemY5R1N3T00zMEthZjBsWXZh\nVXRtNG5UV3I3WG5LYUphNUNyUDI5WXcKVQpMe3zYgzHOtQQvo8Vvz94lYR6TBFuV\nD7ztr4rD/Vdk3hkSGZQvdzGjNDdGpac38LUN9vtFQbzMofykcn/etw==\n-----END AGE ENCRYPTED FILE-----\n"
}
],
"lastmodified": "2024-02-24T05:48:31Z",
"mac": "ENC[AES256_GCM,data:kCLcS6xeMijD8Bxa0MBUbFH2pdXX6BdGL1SztHHPet8loMkiCfgEiyp9l/QjszWa3G6zx3K+0wXXtRXmrNAxThnIgMZQVGCy4Ucw7fp8Pral/5eaJNlZGb56JQPF9ZDHb9YQPDPImaEAKYUtzayyaZAGJGlCmIIhVVhXTx7iiig=,iv:MXRDA/6YnVUbLdYAIrMvrdb2iPsi4Bmr06SPCU8CCVc=,tag:9hT7Xo0tRnHTgAaivKj4QQ==,type:str]",
"pgp": null,
"unencrypted_suffix": "_unencrypted",
"version": "3.8.1"
}
}

14
devices/surface/default.nix
View File

@@ -26,7 +26,7 @@ inputs:
};
swap = [ "/dev/mapper/swap" ];
resume = "/dev/mapper/swap";
rollingRootfs = { device = "/dev/mapper/root"; path = "/nix/rootfs"; };
rollingRootfs = {};
};
nixpkgs.march = "skylake";
grub.installDevice = "efi";
@@ -37,7 +37,7 @@ inputs:
hardware =
{
cpus = [ "intel" ];
gpus = [ "intel" ];
gpu.type = "intel";
bluetooth.enable = true;
joystick.enable = true;
printer.enable = true;
@@ -58,9 +58,19 @@ inputs:
dns.extraInterfaces = [ "docker0" ];
};
firewall.trustedInterfaces = [ "virbr0" ];
wireguard =
{
enable = true;
peers = [ "vps6" ];
publicKey = "j7qEeODVMH31afKUQAmKRGLuqg8Bxd0dIPbo17LHqAo=";
wireguardIp = "192.168.83.5";
};
beesd = { enable = true; instances.root = { device = "/"; hashTableSizeMB = 512; }; };
};
bugs = [ "xmunet" ];
};
boot.kernelParams = [ "intel_iommu=off" ];
environment.systemPackages = with inputs.pkgs; [ maliit-keyboard maliit-framework ];
powerManagement.resumeCommands = ''${inputs.pkgs.systemd}/bin/systemctl restart iptsd'';
};
}

6
secrets/surface/default.yaml → devices/surface/secrets/default.yaml
View File

@@ -1,5 +1,7 @@
xray-client:
uuid: ENC[AES256_GCM,data:WEBAH3PQM5ahNpH/kvTtcjcJ2GllmmRlBR2oclG6AimGenSg,iv:TMp0WTOe9fuELSZoVGenl5XSZUFoiYUBEMWMn4NFv1g=,tag:GJTE0EELcZkrnGAKLYer1g==,type:str]
wireguard:
privateKey: ENC[AES256_GCM,data:P/tyZHaEAahZUBF22dJEZb6mACm/wmUunPDG0vS7SNW3sWbzxRSut0haR/g=,iv:8VMv5iotmDrYDLiszcOvJHkD8l6uE+SboPSILr6KuzU=,tag:U/FIBhvghwDTvFtUWEqr4g==,type:str]
sops:
kms: []
gcp_kms: []
@@ -24,8 +26,8 @@ sops:
a2xybTRFUFZZN20zajZJTVNwVEpGcEEKglmFMk7z1q5IlZ+lZf9M0HtknmvcYt/P
2/z5e8wLN1Hy0Zsbv0yIL/NmqwxAOGJOdzz7ElJszk/Y4kUr9aRasg==
-----END AGE ENCRYPTED FILE-----
lastmodified: "2024-01-17T08:21:40Z"
mac: ENC[AES256_GCM,data:8+nUsgM47gMZmCQwPgqzM95UuYgF3UStE+XiOPPaed/VIk9e2fNLu9vR+wEgb04pR29BQTWV0qx7xqF/IzFbMYLfujgfDQoOf5pTFi5E6WTFp/MDlq8DSwxJqegEvshoAcRMt2Ur8VKbEZ/ya+yZipEZBPyGHkvi0kS8AOULbb8=,iv:txSZzGGtMVMwi1ogcAJdNqm0bb8so0RVJvkbu0QMHT4=,tag:6TQ7LYfoOrCTPMBAPQqwyg==,type:str]
lastmodified: "2024-02-16T14:25:17Z"
mac: ENC[AES256_GCM,data:lpZ+Jd5LF35ESBOmOoq7pbNHze7rJiQsiq8cOgf8+cWnAqVh1bccG0cFe7R8uBhmuKIqp7TwkORDFuD+KFCZW14cbR4SP3vndSoYzKxIBdKTObR95w2ETst+prUtQ3fvFeEtlJexeljikfprWf2pGo1OzPophAyocgT31z2iMjs=,iv:Bryz+kqRvXYPj6YuxeDhQfLsgYqHXrA+lHFX18m2GGE=,tag:A7mvmguWoOir2JoIprgL4A==,type:str]
pgp: []
unencrypted_suffix: _unencrypted
version: 3.8.1

9
devices/vps6/default.nix
View File

@@ -23,7 +23,7 @@ inputs:
delayedMount = [ "/" ];
};
swap = [ "/nix/swap/swap" ];
rollingRootfs = { device = "/dev/mapper/root"; path = "/nix/rootfs"; };
rollingRootfs = {};
};
grub.installDevice = "/dev/disk/by-path/pci-0000:00:05.0-scsi-0:0:0:0";
nixpkgs.march = "sandybridge";
@@ -34,7 +34,7 @@ inputs:
packages.packageSet = "server";
services =
{
snapper.enable = true;
snapper.enable = false;
sshd.enable = true;
xray.server = { enable = true; serverName = "vps6.xserver.chn.moe"; };
frpServer = { enable = true; serverName = "frp.chn.moe"; };
@@ -53,7 +53,7 @@ inputs:
(site: { name = "${site}.chn.moe"; value.upstream.address = "wireguard.vps7.chn.moe"; })
[
"xn--s8w913fdga" "misskey" "synapse" "syncv3.synapse" "matrix" "syncv3.matrix"
"send" "kkmeeting" "api" "git" "grafana"
"send" "kkmeeting" "api" "git" "grafana" "vikunja"
]));
applications =
{
@@ -71,12 +71,13 @@ inputs:
wireguard =
{
enable = true;
peers = [ "pc" "nas" "vps7" ];
peers = [ "pc" "nas" "vps7" "surface" "xmupc1" ];
publicKey = "AVOsYUKQQCvo3ctst3vNi8XSVWo1Wh15066aHh+KpF4=";
wireguardIp = "192.168.83.1";
listenIp = "74.211.99.69";
lighthouse = true;
};
beesd = { enable = true; instances.root = { device = "/"; hashTableSizeMB = 64; }; };
};
};
};

7
secrets/vps6/default.yaml → devices/vps6/secrets/default.yaml
View File

@@ -47,6 +47,7 @@ xray-server:
user20: ENC[AES256_GCM,data:uRSG6jOks7utk2bRdd5sndvqVnSGRhjkts2f3+V7JdEwQf4k,iv:xZdVv/H5RuliwSEWmgLViLquWZ5znGOpP9YwwLJfsyo=,tag:JR3BsCKkHpkE7woTaMHXwQ==,type:str]
#ENC[AES256_GCM,data:37f8REUu8PU0lfg=,iv:WOhsotX/O7Gg+YgkK5Fuw/njKz+1OgKSx0vXl1A32XY=,tag:IyjPLut59RuK/PpCyK4ZAQ==,type:comment]
user21: ENC[AES256_GCM,data:9cd7IY3zzoziXznclguxbmmZ5hfc2H1DPa+KW1geuybRlpB9,iv:NKwdt7ppRuNpn44f1ypNOoPS27Yqk3Z31ABQbflS9Gg=,tag:S2B1vR0PVd3FYu24XwTfpQ==,type:str]
#ENC[AES256_GCM,data:spyQkQIHwg==,iv:7+0DUK95MPH7lpr+GMbbLu4/5yA11/4gTuLhQKlStfE=,tag:G/gIXML8UhYoCi9FfoTvSA==,type:comment]
user22: ENC[AES256_GCM,data:sCOmhXaJjzDIiuwP3Nh+yXQRYCppATzVWIdjOoMOlu+OFT+U,iv:HKRsCLJ/2jr7rGkM04uv4V1GKQheo2oxeFu4zqxcIAc=,tag:1swUo08hSzJ1PmQr/dBcgQ==,type:str]
user23: ENC[AES256_GCM,data:rgS6IdC4DBLvWWBkf5Db54yaNvagfISm5tHUD1KgeqrCR5x/,iv:ANQYEXssMfbU0bvk25dVYq+yQlMiVEyQCwrGPw1AGxc=,tag:d9sOvvxheWwsE/SeOgcWUQ==,type:str]
user24: ENC[AES256_GCM,data:3bn/ZG0En/OgY4PA4Ir8MaVWpJbX+ywpkoXQn7HChT+xhKFZ,iv:Jw8AG7vTc6j4VznekF6x2LXkoSFz960yqsSjPm1ORvw=,tag:EszCODBuLULKHJHh4Itq7A==,type:str]
@@ -72,8 +73,6 @@ send:
redis-password: ENC[AES256_GCM,data:6zVKw9AmKwSWvHUZhzy0F2KcJW96uFoZY/N1Zq8ilUJOLZeX,iv:viwLIgJz9v8oadr8784OgETbEsxzGsJvVoxmOwWEFxo=,tag:XEYFnoCGwlnrkqaUbgeH+Q==,type:str]
coturn:
auth-secret: ENC[AES256_GCM,data:50KqO4GQ1ERbCnK4IjYu6aywT+IPMtVlTzh/TE4MwWApU4pO9yqz25ENGUAKRLi4p+Ecug+Rn3InRl1b+q6bAQ==,iv:SgHkHvHg/+yA1Z5E9effgCnZMVXv5amGNUsVKErai54=,tag:PoYLV9Xr0IXXsA39n7wiTQ==,type:str]
nebula:
key: ENC[AES256_GCM,data:1zvyGKsyJESAbf6tUCy6hX93rDXEYNA5QBsqV4Ag4+cksToQ5IubchciQt4=,iv:ZG+pCofTTGx6LcJ05qohotRcX6MK4JsUzL2DfmKE4eI=,tag:o/Vm72d4QbfLXoSVwXZYhw==,type:str]
wireguard:
privateKey: ENC[AES256_GCM,data:4DKPPqQkjb33rQzFIz863A2arDRQA9AivWFBaWTf0xXDX4hWvJFiIlJQfvE=,iv:0R2TH3CMxHgwVjojzjE2Gnp8SXonmBDLWF7hB33NiX0=,tag:vgtV8JkuCdspleN/SvgIqQ==,type:str]
sops:
@@ -100,8 +99,8 @@ sops:
ZXFTU3ZCaW1pTVh0RUJzdDdGdHlPYTgK2mlgcX2kEc8+2UDdBnhUm6IIuh8V6agW
ooxH9OEPXUVI/4JcDo4v8ZUhAyU1ehLH0Ef7PJCChOZe2KZmWSNbhA==
-----END AGE ENCRYPTED FILE-----
lastmodified: "2024-01-15T11:39:07Z"
mac: ENC[AES256_GCM,data:cjP8ZDujb+RhdK5fa51if+mlx2EpfA4TTmlRbExfIDnahM8deF7qmXhOXeRIF7TrdK7HrxxOsNm2F300sbtEV0CJBsu0Wf9V3JuCuf2deEhABVSEh5f44ZCg4fLCFKCidn6GZPGjk+nEbFd+U5elcDHaqbdhdMeu3iMIf/xncac=,iv:uTv//gOvqdOKWWFvDsvdix66UiHmKzf2Dz2FuJYCfcY=,tag:qzXfKyyltjZVN8sux5mElA==,type:str]
lastmodified: "2024-03-07T12:36:12Z"
mac: ENC[AES256_GCM,data:VECN4xQhoulbsTzIZpXKYY5/8ZuC+fkSluMPJbfqcvCCvvcyclIKJJQZin5SYAxGxewQZdeyZ4sfZ+lo+0/gXiiHQPz+jqrURGIWailfnUhM/6ziHVxXAdAq2j0XNDGt1Xf+rprG+R7xhqBHK6jt/EMJBuT4ar9heo/aJBtU2hk=,iv:pYzKQAVdY0qJKRzq4eESQNd94PpK8q6xwpOowtmreVQ=,tag:LlzVVl5U/uU3eJNck9LnrQ==,type:str]
pgp: []
unencrypted_suffix: _unencrypted
version: 3.8.1

3
devices/vps7/default.nix
View File

@@ -23,7 +23,7 @@ inputs:
delayedMount = [ "/" ];
};
swap = [ "/nix/swap/swap" ];
rollingRootfs = { device = "/dev/mapper/root"; path = "/nix/rootfs"; };
rollingRootfs = {};
};
grub.installDevice = "/dev/disk/by-path/pci-0000:00:05.0-scsi-0:0:0:0";
nixpkgs.march = "broadwell";
@@ -72,6 +72,7 @@ inputs:
wireguardIp = "192.168.83.2";
listenIp = "95.111.228.40";
};
vikunja.enable = true;
};
};
};

9
secrets/vps7/default.yaml → devices/vps7/secrets/default.yaml
View File

@@ -27,6 +27,7 @@ postgresql:
grafana: ENC[AES256_GCM,data:ZLtDIZ3oKasE4r1WNllNe/rkXxqRS+QAJI7EGPKhiFF1BtAxD46UpGQnUag3yg0gP/8+3COQs6camVSxcKFL1A==,iv:wMj3keVjNpVwNMwlt4E3ds1EYjLNIZ/S3RydhOlmYWU=,tag:ZRn7NWaUPbf2rHYLoLYw+w==,type:str]
akkoma: ENC[AES256_GCM,data:6piRt7BbMBLVGdot+VyoJN3/S8DoPNTYHFh/1coHSLNmiA6kU/6sca4Bts1Up/Vu164oTsFAr1JsKx6tzNzAPg==,iv:qplA1GXHwzVrmjm7eagCk3PFa7DRdwaf+p7N1HLb6mw=,tag:W6WedSK3R1IgZVo/0Hr9vA==,type:str]
synapse_matrix: ENC[AES256_GCM,data:5j+TYJ3vYUqu6CdRDYAT558DsTWbX4Rh+HuukPog5HGXlhneL3RnxVeGBR9CV1rlCP1NY99Nm8roBG+BcyPYHQ==,iv:CboB6lzqxAE/8ZlzaTU3bxw94N6OAhrq8pZ0AfxQiUc=,tag:z6cM3ufgbMn5n5PzgqdRjw==,type:str]
vikunja: ENC[AES256_GCM,data:syb4NYBxL3DdmZmcC+em0klmm6bkkIL/DH/gnzShYRiaezRFskT+yay9govn++SpbuvkoCJq/GYAFxNL+hcVtw==,iv:TQUgdzYQ0gqsAmux9v3BAQFNzHnCTZ+X/OC0b9Bfya8=,tag:b1AsiAW5XzA3DzGdf8J03g==,type:str]
meilisearch:
misskey-misskey: ENC[AES256_GCM,data:4s+qqd6mmstioC0XmG/vA6ED9mzu1vRJVPFFalRiqnnsFy0dYEU87H+y12eOp/KDSLdTNvpp6Z6jCNvxnpDXzQ==,iv:x6L9OPu/dwVsD9pYb4dqavw9NesMbo7LB+rwz6veAR4=,tag:/BBqV2sHIgPas7XsZydh2g==,type:str]
rsshub:
@@ -53,8 +54,6 @@ synapse:
form: ENC[AES256_GCM,data:7HF7HMUH1BTJgXXP6cpUiVj0jCwGW57bx9wKTJu7PnRsNuAam/+nKX7Zfg7WD+gSBlA=,iv:SYeUsuFVgAA6U6STCtKT5c5E8Kglh3x7hy6+Op4n0W8=,tag:eICmHTwwn0KcgNhdDGnusA==,type:str]
signing-key: ENC[AES256_GCM,data:hzxxDbGp1L09O7+ueUSa5lJOY/QvF2zvHdpueEHjaPQEToQt9mr2loeTQHC7ObTegfLb9UHrI1jn4A==,iv:KngfahwYZZmDQ5LeOUPWptTMGAC8TZm1G0FWcrwCwsw=,tag:U9pW6/boBIpiswn67Ezrfw==,type:str]
sliding-sync: ENC[AES256_GCM,data:BeA6g98IWDP6hnLFI77QqG6esDwB6j3OPzAv3eJxWoTajAsByHSgSYP1vHN5Iok6IgvSSmkf0/HiOJy1Ca8IIA==,iv:ca+t/rYwc/fAVUcz0JTmrRQCOcbDNscbnE8BpHkx/OE=,tag:eEfhUChUt4kRnO82XqRY4g==,type:str]
nebula:
key: ENC[AES256_GCM,data:9o6EkfTWOU0KwnJsgHML4E7VOfzo3LHnlOkV8ubhi6aayXImC3lAaoPrqUI=,iv:KHprijN7z+4FIIW+D5klDM9a9VzMJ5xawPc7jJtbHmk=,tag:0DAmxoz8D5f38ndPbkNW+g==,type:str]
vaultwarden:
admin_token: ENC[AES256_GCM,data:muavuOY88Lm4rSEoCp4IIPp7Z+sqf36VwpnPgf+K6IwwFkUgYM1GO80ogReYWqqUM6ij1Yzl5D9ncUbq+aGTKQ==,iv:jA4MRJlz71CMmPnWjb2tGbbIoMkEsESUowhXDckKKMI=,tag:l0HaJmnU29YeFUxjOgN3Kg==,type:str]
mariadb:
@@ -105,6 +104,8 @@ grafana:
chn: ENC[AES256_GCM,data:0bbjggWS1MdcUIQiQyPlBTULm+faKDpJbmZmV6vSw8k=,iv:am65WQzUE+AvQrQV+NSF5u6RCWn7EetyPsdy4Cuvyyw=,tag:lxNUM1cIYVSXVgwEnS1Hdw==,type:str]
wireguard:
privateKey: ENC[AES256_GCM,data:TS+toaJRgAvC78XVwTciXe2IG8++vaqXVCi/u/8Aej6qq1B9Cb6f20cp5K0=,iv:T/NkLvcYiWzIDG3jWtuhe/sH2GT4z5f0xdUGbSL901I=,tag:qN7YokFBj3Kbbx4ijHTRnw==,type:str]
vikunja:
jwtsecret: ENC[AES256_GCM,data:p6e22qPJzTGB21oWhSr8AA4bfrele9ZOHVtZ8BHgX21IhoKdm58coGtSX1CGXR7J6+1/74RdLY9K88nGrM1F1w==,iv:DGUO8rhf7Lg9dTqSmzlR/Jd2K4oUjO8w9E5bihwsykI=,tag:SpX6UI0QIju/tC1fIL9CCg==,type:str]
sops:
kms: []
gcp_kms: []
@@ -129,8 +130,8 @@ sops:
SnFHS1Z0SXUzTFdEd29KTy9DU3Y3R0UKfhh+rUmWDrf+UGjclP57dHipPLFoXSqy
HdelmfV6q4/c7ppx2E+oZw3VNgoZCsrxxzYZfwxHJiZb+5vkE0D8iA==
-----END AGE ENCRYPTED FILE-----
lastmodified: "2023-12-20T06:27:19Z"
mac: ENC[AES256_GCM,data:i7AN+Sd4C61GSzT409mYd6D2tQzDyONIUsto52b1mV8hIJ4Q/U9VT5wumRjm4dGUWqrq9oFdD0/iUL1CmEdasBN7VFwNEpSYl6yhzU7zX3Re3N/0mffeW0Fx/38LdvywusJAHC9yWvsNMblKDnYxGm/UI2W/7QRMDyr8jnU6La0=,iv:Ua+K1m27GkkrUn+wcylkwrdWnq1yzFG1NMVzYAiW/6k=,tag:Gqqk5zOU3Ax2Al5CvXEV7g==,type:str]
lastmodified: "2024-03-07T12:36:38Z"
mac: ENC[AES256_GCM,data:Pe1wXpemyIGckkldnOy7sWYTp/SlHT7ffNzJbeNwK9hSRGbpU9as7BQ8IenrHbO9U5QT7oij3PdzLk88ImVCbu0rZ8P6k6JbbrSEUSeN+9IRPnMDbIcpd+HQ+Ite4UjLwX7UxPuy0yRCYHiu2Fu2JpdWf+uL5bc/ZFnJ887+3lA=,iv:JmII0faZo+upukOJeCS7AbpCr2wKR5YjPX/W+kJnFUE=,tag:w5woNqrhJbZM38/RPWYmnw==,type:str]
pgp: []
unencrypted_suffix: _unencrypted
version: 3.8.1

125
devices/xmupc1/README.md Normal file
View File

@@ -0,0 +1,125 @@
# slurm
## 基本概念
队列系统换成了 slurm。这是个正经的队列系统不像之前那样是临时手搓的可靠性应该会好很多。
学校的 hpc 上用的是 PBS和这个不一样但很多概念是相通的例如队列、节点等当然这里只有一个队列和一个节点
这里简单记录一下如何使用。更多内容,网上随便搜一下 slurm 的教程就可以找到很多介绍,也可以看官网文档。
先说明一下机器的硬件配置CPU 有 16 个核,每个核 2 线程,也就是总共 32 个线程。
slurm 限制 CPU 按照核(而不是线程)分配,
提交任务时, `sbatch` 命令中的 `cpu` 或者 `core` (它俩是同义词)都是指核的数量而不是线程数
(也就是说,实际运行的线程数要再乘以 2
VASP 支持两个层面的并行,一个叫 MPI一个叫 OpenMP实际运行的线程数是两者的乘积。
MPI 并行的数量就是提交任务时指定的 task 的数量,
OpenMP 并行的数量等于提交任务时指定的分配给每个 task 的 CPU 的数量再乘以 2
也就是最终的线程数等于指定的 CPU 数量乘以 2。
此外还有一个限制:当使用 GPU 时MPI 并行的数量必须等于 GPU 的数量,否则 VASP 会在开头报个警告然后只用 CPU 计算(但不会报错)。
## 常用命令
提交一个 VASP GPU 任务的例子:
```bash
sbatch --gpus=1 --ntasks-per-gpu=1 --job-name="my great job" vasp-nvidia-6.4.0 mpirun vasp-std
```
* `--gpus=1` 指定使用一个 GPU排到这个任务时哪个空闲就使用哪个
可以指定具体使用哪个GPU例如 `--gpus=4090:1`
可以简写为 `-G`
这个选项实际上是 `--gres` 选项的一种简便写法,当需求更复杂时(例如,指定使用一个 3090 和一个 4090就需要用 `--gres`
例如:`--gres=gpu:3090:1,gpu:4090:1`
“gre” 是 “generic resource” 的缩写。
* `--ntasks-per-gpu=1` 是一定要写的。
* `--job-name=` 指定任务的名字。可以简写为 `-J`。也可以不指定。
* 默认情况下,一个 task 会搭配分配一个 CPU 核(两个线程),一般不用修改。如果一定要修改,用 `--cpus-per-task`
提交一个 VASP CPU 任务的例子:
```bash
sbatch --ntasks=2 --cpus-per-task=2 --job-name="my great job" vasp-gnu-6.4.0 mpirun vasp-std
```
* `--ntasks=2` 指定在 MPI 层面上并行的数量。
可以简写为 `-n`
* `--cpus-per-task=2` 指定每个 task 使用的 CPU 核的数量OpenMP 并行的数量等于这个数再乘以 2。
要列出已经提交(包括已经完成、取消、失败)的任务:
```bash
squeue -t all -l
```
取消一个任务:
```bash
# 按任务的 id 取消
scancel 114514
# 按任务的名字取消
scancel -n my_great_job
# 取消一个用户的所有任务
scancel -u chn
```
要将自己已经提交的一个任务优先级提到最高(只是自己已经提交任务的最高,不影响别人的任务):
```bash
scontrol top job_id
```
## sbatch 的更多参数
```bash
# 提交一个新任务,但是礼让后面的任务(推迟到指定时间再开始排队)
--begin=16:00 --begin=now+1hour
# 指定工作目录
--chdir=/path/to/your/workdir
# 指定备注
--comment="my great job"
# 指定任务的 ddl算不完就杀掉
--deadline=now+1hour
# 标准错误输出写到别的文件里
--error=error.log
# 将一些环境变量传递给任务(=ALL是默认行为
--export=ALL,MY_ENV_VAR=my_value
# 不传递现在的环境变量
--export=NONE
# 打开一个文件作为标准输入
--input=
# 发生一些事件(任务完成等)时发邮件
--mail-type=NONE,BEGIN,END,FAIL,REQUEUE,ALL --mail-user=chn@chn.moe
# 要求分配内存(不会真的限制内存使用,只是在分配资源时会考虑)
--mem=20G --mem-per-cpu --mem-per-gpu
# 输出文件是否覆盖
--open-mode={append|truncate}
# 指定输出文件
-o, --output=<filename_pattern>
# 不排队,直接跑(超额分配)
-s, --oversubscribe
# 包裹一个二进制程序
--wrap=
```
# ssh
ssh 就是 putty winscp 之类的工具使用的那个协议。
* 地址office.chn.moe如果在校外需要厦大 VPN
* 端口6007
* 用户名:自己名字的拼音首字母
* 可以用密码登陆,也可以用证书登陆。
要从本机登陆到学校 hpc 的 jykang 账户,使用下面的命令:
```bash
ssh jykang
```
# rdp
就是 windows 那个远程桌面。
* 地址xmupc1.chn.moe如果在校外需要厦大 VPN
* 用户名:自己名字的拼音首字母
* 密码和 ssh 一样。

76
devices/xmupc1/default.nix
View File

@@ -10,16 +10,25 @@ inputs:
{
mount =
{
vfat."/dev/disk/by-uuid/3F57-0EBE" = "/boot/efi";
vfat."/dev/disk/by-uuid/467C-02E3" = "/boot/efi";
btrfs =
{
"/dev/disk/by-uuid/02e426ec-cfa2-4a18-b3a5-57ef04d66614"."/" = "/boot";
"/dev/mapper/root" = { "/nix" = "/nix"; "/nix/rootfs/current" = "/"; };
"/dev/disk/by-uuid/2f9060bc-09b5-4348-ad0f-3a43a91d158b" = { "/nix" = "/nix"; "/nix/boot" = "/boot"; };
"/dev/disk/by-uuid/a04a1fb0-e4ed-4c91-9846-2f9e716f6e12" =
{
"/nix/rootfs" = "/nix/rootfs";
"/nix/persistent" = "/nix/persistent";
"/nix/nodatacow" = "/nix/nodatacow";
"/nix/rootfs/current" = "/";
};
};
};
swap = [ "/dev/mapper/swap" ];
resume = "/dev/mapper/swap";
rollingRootfs = { device = "/dev/mapper/root"; path = "/nix/rootfs"; };
swap = [ "/nix/swap/swap" ];
rollingRootfs =
{
device = "/dev/disk/by-uuid/a04a1fb0-e4ed-4c91-9846-2f9e716f6e12";
waitDevices = [ "/dev/disk/by-partuuid/cdbfc7d4-965e-42f2-89a3-eb2202849429" ];
};
};
grub.installDevice = "efi";
nixpkgs =
@@ -40,40 +49,26 @@ inputs:
forwardCompat = false;
};
};
gui.preferred = false;
kernel.patches = [ "cjktty" ];
gui = { preferred = false; autoStart = true; };
kernel.patches = [ "cjktty" "lantian" ];
networking.hostname = "xmupc1";
};
hardware =
{
cpus = [ "amd" ];
gpus = [ "nvidia" ];
gpu.type = "nvidia";
bluetooth.enable = true;
joystick.enable = true;
printer.enable = true;
sound.enable = true;
gamemode.drmDevice = 1;
};
packages.packageSet = "workstation";
virtualization = { docker.enable = true; kvmHost = { enable = true; gui = true; }; };
virtualization = { waydroid.enable = true; docker.enable = true; kvmHost = { enable = true; gui = true; }; };
services =
{
snapper.enable = true;
fontconfig.enable = true;
samba =
{
enable = true;
private = true;
hostsAllowed = "192.168. 127.";
shares =
{
media.path = "/run/media/chn";
home.path = "/home/chn";
mnt.path = "/mnt";
share.path = "/home/chn/share";
};
};
sshd.enable = true;
sshd = { enable = true; passwordAuthentication = true; };
xray.client =
{
enable = true;
@@ -82,18 +77,41 @@ inputs:
dns.extraInterfaces = [ "docker0" ];
};
firewall.trustedInterfaces = [ "virbr0" "waydroid0" ];
acme = { enable = true; cert."debug.mirism.one" = {}; };
smartd.enable = true;
beesd = { enable = true; instances.root = { device = "/nix/persistent"; hashTableSizeMB = 2048; }; };
beesd =
{
enable = true;
instances =
{
root = { device = "/"; hashTableSizeMB = 16384; threads = 4; };
nix = { device = "/nix"; hashTableSizeMB = 512; };
};
};
wireguard =
{
enable = true;
peers = [ "vps6" ];
publicKey = "JEY7D4ANfTpevjXNvGDYO6aGwtBGRXsf/iwNwjwDRQk=";
wireguardIp = "192.168.83.5";
wireguardIp = "192.168.83.6";
};
slurm =
{
enable = true;
cpu = { cores = 16; threads = 2; };
memoryMB = 94208;
gpus = { "3090" = 1; "4090" = 1; };
};
xrdp = { enable = true; hostname = [ "xmupc1.chn.moe" ]; };
samba =
{
enable = true;
hostsAllowed = "192.168. 127.";
shares = { home.path = "/home"; root.path = "/"; };
};
};
bugs = [ "xmunet" "firefox" ];
bugs = [ "xmunet" "amdpstate" ];
users.users = [ "chn" "xll" "zem" "yjq" "gb" ];
};
services.hardware.bolt.enable = true;
};
}

44
devices/xmupc1/secrets/default.yaml Normal file
View File

@@ -0,0 +1,44 @@
acme:
cloudflare.ini: ENC[AES256_GCM,data:PjCyozvFTXxA///enYYbaMZ8ISfFjJviLVKfdOcMSi5G3CEjEsp1Ez4krbgy4/eJo4v9HfTN0bMmUnl2OHOyzTg=,iv:e1iQZ5JUHkzfnfP956Lzl3FWs11xdULctA5MZsALtU0=,tag:8X2Q/Hixxn/ci4XRSUDidg==,type:str]
nginx:
maxmind-license: ENC[AES256_GCM,data:/7R7w+fiMw54Cmd7y/wT/s8RMqFMf3Fc0Mph0ZhURmCzowkmLEhtmw==,iv:i+Z+2NbssI864Edwf73SQfaeFuWoqr+U8eQ/8R23FOk=,tag:8ITlkS97vlsmHM1HDk6/3A==,type:str]
xray-client:
uuid: ENC[AES256_GCM,data:4PM/d263HgBseIgRplgo5ahJ8u8HuPznXt2hW5O+VawS6WjP,iv:98Ymj4eiCGQPMcaHBI9zJAaRagm82mF0LY2c9bzA+/s=,tag:8imXq/hxAxS5XKy0uWIBPw==,type:str]
wireguard:
privateKey: ENC[AES256_GCM,data:Azaqung7llErB7/IdnOnEkwjQ39yQHKcO7VgvMDCDTExM7nS0zx+yMYX4ls=,iv:FX8oLHMBVEnKkYOg8q2A9vFmtRZDws5T87+lEl7+2G8=,tag:DdOQUbNKB6JK7Tp6McQ0Og==,type:str]
users:
xll: ENC[AES256_GCM,data:tGzKVg4prhg9oXOSX0FJIAWdF79CWsFuiU8U12dSnkBIgRXPZlJkz9mLLTENm6SjftItt/ku4MDj94KnM+nPYkIorTYtEuergg==,iv:oavvRf7/21LuDksUiXLfR2/qQNz5O6JyroxX1DwC6gc=,tag:qYbW1ZQtXo+2qGrl5wuZkA==,type:str]
zem: ENC[AES256_GCM,data:r2BDtAfMohsnoqw51/flvkiXe/EtJtDhakEyOTPX2E7cikfPtPD9iJPd2RnNkS3QPBKg08ex5ce2e3ywzGgNX5RKrxIacpxSSA==,iv:VfhEqTvS9qVFGif+SkBdz8VR6BXEnncMYcPQW4qqNk8=,tag:t4JBEhX+6iqnrd0JoLKpmA==,type:str]
yjq: ENC[AES256_GCM,data:Yb9gVDrWhpmBYI8JlGee30J+PVFVGLo4btFVGToUVj3Sr2bPetY96mEJoxYQha7SPKBoZ7+ePzWYiYOi43MZ6sYndj3C6sYmYg==,iv:2H2+ZmIIDJAKds1XSMqVcUpsix3rbxLkVlBIIAK3ifg=,tag:7redx03BsscRrk+e7dqXdg==,type:str]
gb: ENC[AES256_GCM,data:ZoprrHc2l0nkqy4ujYQfxNENMEnfpRhCIxX7jMPoWeTrJt2sE1AloWeVFsArJKTx8krpW96X3AXpUIauMH9kc/CviPop2QMgDw==,iv:fOIVPEHDvyZ45G9uRbx2gBE0KuZy+aEWALlXusDJ1YU=,tag:G6hZLn9/99Kj+wZAeNyxkQ==,type:str]
mariadb:
slurm: ENC[AES256_GCM,data:qQMD8SKNmxb3PdScXNqppF9zkX7dV5i7rvljvZuhiI5zLnu77qYCHBW6ymh0mrY14N9NjxmQZhZWX/H8TvBlcg==,iv:J5N3LjCYW3QmuEkMBpl7qvPFW1Z9ZoPLkj45jKcIW9U=,tag:Tl+ld07+lVkmzt7f/f2MqQ==,type:str]
sops:
kms: []
gcp_kms: []
azure_kv: []
hc_vault: []
age:
- recipient: age19ax6vm3pv8rph5tq3mmehd9sy9jk823tw8svsd790r0lkslycquqvlwz9m
enc: |
-----BEGIN AGE ENCRYPTED FILE-----
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSB5RWIreCtMeTZ0UE9Zd2di
VE9tR0x6SUNyWjlPV1BqMU5Tb0RTSXNGN2hNCkxuVjFFb0xJZTBMekxqdE96RlRh
czF0dHQxdVhsNE5tVWg0Q2RmYktsWDgKLS0tIFY3dHRlbFpsWUsyTzA3RVR1Qyts
UUJHMU13cm1lOXhRYzhSWlFyTFltYWcKDUxABRGskWWpHEFL44gHYzAqaQ3AmBDt
LcL/4IiEs3TwOpuY+WTVx8JKZBOsxcSlNahiDuCnoTbL4gZTPnd0pA==
-----END AGE ENCRYPTED FILE-----
- recipient: age1hnarptkze0ujpp05dqr8uma04cxg9zqcx68qgpks5uf5l6rpk5gqhh8wxg
enc: |
-----BEGIN AGE ENCRYPTED FILE-----
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBwbHd4ZHhsTk5leDlreC9E
TVAzRXVuS0Judk5zTGVWRVhWSUhpMFdscEg0ClVFYzZYZG9hNjJKTlRVZ1I3eXVq
M2Y5by85dE1QM25yQ3g3bFVSL2tsVlkKLS0tIHVYbGxrT0hOQkZ5SHBsQ3UyaVly
ZDNHUjE2QVlCV3p0NHdKYW5IMHVBZzQKkZtfyvfroOntg3yRjMw4jQHiQj8eaB2h
IeIHfW4y01mmVT2ofbtB0xYpjcl4gtUlQ8X3tn5iJ9P8gcVo0G598A==
-----END AGE ENCRYPTED FILE-----
lastmodified: "2024-02-26T06:04:25Z"
mac: ENC[AES256_GCM,data:2d3i3rcRYrB58vJuyhP4AIB11Ns+zQq0Pli1LF4sAKb75OmJ/qlRcwJKlOCASdY95FfzOQDGjfZheg58fVSd9EbYxX+npMXGUiODa8JRTHgQye3/qjFv14v49zKFJ0dNs13XnOEA4QAry/7gDlb0+M44bNRGPSZSoFX2yJ53smw=,iv:I1YDN6+26BmaWR84kq9zXNXjQ4cRvtzrS2Q13PlUjp0=,tag:sgxcTpOr7T2oXjb5qLRrqw==,type:str]
pgp: []
unencrypted_suffix: _unencrypted
version: 3.8.1

24
devices/xmupc1/secrets/munge.key Normal file
View File

@@ -0,0 +1,24 @@
{
"data": "ENC[AES256_GCM,data:tuEymMXW0f7Rui5wrz/xozphTEq6ffkYIfNIoURFNHwH2Cg+aKHz2ox0gk02BJARhPMDrxCYlChkcrEI0ma/T0eBe9sWz3tA8AOwU1lHSZ06d/JWzW7IUIyTac2mnjt3/jY/qpnR4A8wtHwD0j4zkzXgUgFwq7k/fs24acEE4Jo=,iv:iDTS0xswLrwkOYmfomE5hluVONgJYia/RjINDy7T3R0=,tag:oIYNpFCuT2D+X1QEJJiHew==,type:str]",
"sops": {
"kms": null,
"gcp_kms": null,
"azure_kv": null,
"hc_vault": null,
"age": [
{
"recipient": "age19ax6vm3pv8rph5tq3mmehd9sy9jk823tw8svsd790r0lkslycquqvlwz9m",
"enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSA3aFRRa0NsOUp5MEg3UHcx\nc3g1VFZEQS9Tci9QSnNFYnIrT3hUdVU5cWxjCnU5UXVEdTFXczJzcHVvSjF2WHdB\nYmpyQVVaUFozKzJIZThBbXUxb2k2YzAKLS0tIHE1QXVrOXo1Y3VXMzJJYitWU3Qv\neDF1cndrSi94clh1cS9NczN0UW9pOXcKtrnIj3WovMYdcg5nWnnyRhJhTGLrlwxW\nxQ6bmNrfbZedmCNdjY2lPXmudMXJ8YlWe/HGCe94x3iFlaSwCIGUsA==\n-----END AGE ENCRYPTED FILE-----\n"
},
{
"recipient": "age1hnarptkze0ujpp05dqr8uma04cxg9zqcx68qgpks5uf5l6rpk5gqhh8wxg",
"enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBocFl1SHJEemRySlBnMmNn\nVW9RS1NNdlo4M3l2WGlQaHJmbDBHcjMwaVVnCnY5WExPOXZJVEdYSlJ6UTRBMGJj\ncmlYaUNVV1hnWTNkaWVuV2VuaXN2eU0KLS0tIDBTYnd2NmVYTUJKaHZWRWo3ZlUx\nTEtPZWc2RE1XNG9WTXFOTllWVUVWeUkK+9aLz1rygGAQjpG+oMNUtrDkQaDfg+2q\nnl/CtZZrFD6NXGw6Di0X5t9fQu295NTJ/0qjXnfMigG8gDtxkE+/7g==\n-----END AGE ENCRYPTED FILE-----\n"
}
],
"lastmodified": "2024-02-26T06:04:53Z",
"mac": "ENC[AES256_GCM,data:y0RkPyUwwff95BFL951TxS/x5ORzMsxFJVjopSw+8iVtswD8MT1nmsbwyth4C9OnJ/IAtnZk/CjAt72a68AZpPI+2W/JqJq20ohFoquDNhTlsoyLWdO3Vjrd+Wo3hp0+iKQ3e/uYrF1sTqQO9a3OIxu2sVLM0gEDmIe2nJpLJQo=,iv:EjXTQvVdjzfClNfQ3rPxAFVWVqr7sSOz4ap+nshPEAk=,tag:DcIlf9W7NNqQ+gf8f46MwQ==,type:str]",
"pgp": null,
"unencrypted_suffix": "_unencrypted",
"version": "3.8.1"
}
}

114
devices/xmupc2/default.nix Normal file
View File

@@ -0,0 +1,114 @@
inputs:
{
config =
{
nixos =
{
system =
{
fileSystems =
{
mount =
{
vfat."/dev/disk/by-uuid/467C-02E3" = "/boot/efi";
btrfs =
{
"/dev/disk/by-uuid/2f9060bc-09b5-4348-ad0f-3a43a91d158b" = { "/nix" = "/nix"; "/nix/boot" = "/boot"; };
"/dev/disk/by-uuid/a04a1fb0-e4ed-4c91-9846-2f9e716f6e12" =
{
"/nix/rootfs" = "/nix/rootfs";
"/nix/persistent" = "/nix/persistent";
"/nix/nodatacow" = "/nix/nodatacow";
"/nix/rootfs/current" = "/";
};
};
};
swap = [ "/nix/swap/swap" ];
rollingRootfs =
{
device = "/dev/disk/by-uuid/a04a1fb0-e4ed-4c91-9846-2f9e716f6e12";
waitDevices = [ "/dev/disk/by-partuuid/cdbfc7d4-965e-42f2-89a3-eb2202849429" ];
};
};
grub.installDevice = "efi";
nixpkgs =
{
march = "skylake";
cuda =
{
enable = true;
capabilities =
[
# p5000 p400
"6.1"
# 2080 Ti
"7.5"
# 3090
"8.6"
# 4090
"8.9"
];
forwardCompat = false;
};
};
gui = { preferred = false; autoStart = true; };
kernel.patches = [ "cjktty" "lantian" ];
networking.hostname = "xmupc2";
};
hardware =
{
cpus = [ "intel" ];
gpu.type = "nvidia";
bluetooth.enable = true;
joystick.enable = true;
printer.enable = true;
sound.enable = true;
};
packages.packageSet = "workstation";
virtualization = { waydroid.enable = true; docker.enable = true; kvmHost = { enable = true; gui = true; }; };
services =
{
snapper.enable = true;
fontconfig.enable = true;
sshd = { enable = true; passwordAuthentication = true; };
xray.client =
{
enable = true;
serverAddress = "74.211.99.69";
serverName = "vps6.xserver.chn.moe";
dns.extraInterfaces = [ "docker0" ];
};
firewall.trustedInterfaces = [ "virbr0" "waydroid0" ];
smartd.enable = true;
beesd =
{
enable = true;
instances = { root = { device = "/"; hashTableSizeMB = 16384; threads = 4; }; };
};
wireguard =
{
enable = true;
peers = [ "vps6" ];
publicKey = "JEY7D4ANfTpevjXNvGDYO6aGwtBGRXsf/iwNwjwDRQk=";
wireguardIp = "192.168.83.7";
};
slurm =
{
enable = true;
cpu = { cores = 16; threads = 2; };
memoryMB = 94208;
gpus = { "3090" = 1; "4090" = 1; };
};
xrdp = { enable = true; hostname = [ "xmupc2.chn.moe" ]; };
samba =
{
enable = true;
hostsAllowed = "192.168. 127.";
shares = { home.path = "/home"; root.path = "/"; };
};
};
bugs = [ "xmunet" "amdpstate" ];
users.users = [ "chn" "xll" "zem" "yjq" "gb" ];
};
};
}

44
devices/xmupc2/secrets/default.yaml Normal file
View File

@@ -0,0 +1,44 @@
acme:
cloudflare.ini: ENC[AES256_GCM,data:PjCyozvFTXxA///enYYbaMZ8ISfFjJviLVKfdOcMSi5G3CEjEsp1Ez4krbgy4/eJo4v9HfTN0bMmUnl2OHOyzTg=,iv:e1iQZ5JUHkzfnfP956Lzl3FWs11xdULctA5MZsALtU0=,tag:8X2Q/Hixxn/ci4XRSUDidg==,type:str]
nginx:
maxmind-license: ENC[AES256_GCM,data:/7R7w+fiMw54Cmd7y/wT/s8RMqFMf3Fc0Mph0ZhURmCzowkmLEhtmw==,iv:i+Z+2NbssI864Edwf73SQfaeFuWoqr+U8eQ/8R23FOk=,tag:8ITlkS97vlsmHM1HDk6/3A==,type:str]
xray-client:
uuid: ENC[AES256_GCM,data:4PM/d263HgBseIgRplgo5ahJ8u8HuPznXt2hW5O+VawS6WjP,iv:98Ymj4eiCGQPMcaHBI9zJAaRagm82mF0LY2c9bzA+/s=,tag:8imXq/hxAxS5XKy0uWIBPw==,type:str]
wireguard:
privateKey: ENC[AES256_GCM,data:Azaqung7llErB7/IdnOnEkwjQ39yQHKcO7VgvMDCDTExM7nS0zx+yMYX4ls=,iv:FX8oLHMBVEnKkYOg8q2A9vFmtRZDws5T87+lEl7+2G8=,tag:DdOQUbNKB6JK7Tp6McQ0Og==,type:str]
users:
xll: ENC[AES256_GCM,data:tGzKVg4prhg9oXOSX0FJIAWdF79CWsFuiU8U12dSnkBIgRXPZlJkz9mLLTENm6SjftItt/ku4MDj94KnM+nPYkIorTYtEuergg==,iv:oavvRf7/21LuDksUiXLfR2/qQNz5O6JyroxX1DwC6gc=,tag:qYbW1ZQtXo+2qGrl5wuZkA==,type:str]
zem: ENC[AES256_GCM,data:r2BDtAfMohsnoqw51/flvkiXe/EtJtDhakEyOTPX2E7cikfPtPD9iJPd2RnNkS3QPBKg08ex5ce2e3ywzGgNX5RKrxIacpxSSA==,iv:VfhEqTvS9qVFGif+SkBdz8VR6BXEnncMYcPQW4qqNk8=,tag:t4JBEhX+6iqnrd0JoLKpmA==,type:str]
yjq: ENC[AES256_GCM,data:Yb9gVDrWhpmBYI8JlGee30J+PVFVGLo4btFVGToUVj3Sr2bPetY96mEJoxYQha7SPKBoZ7+ePzWYiYOi43MZ6sYndj3C6sYmYg==,iv:2H2+ZmIIDJAKds1XSMqVcUpsix3rbxLkVlBIIAK3ifg=,tag:7redx03BsscRrk+e7dqXdg==,type:str]
gb: ENC[AES256_GCM,data:ZoprrHc2l0nkqy4ujYQfxNENMEnfpRhCIxX7jMPoWeTrJt2sE1AloWeVFsArJKTx8krpW96X3AXpUIauMH9kc/CviPop2QMgDw==,iv:fOIVPEHDvyZ45G9uRbx2gBE0KuZy+aEWALlXusDJ1YU=,tag:G6hZLn9/99Kj+wZAeNyxkQ==,type:str]
mariadb:
slurm: ENC[AES256_GCM,data:qQMD8SKNmxb3PdScXNqppF9zkX7dV5i7rvljvZuhiI5zLnu77qYCHBW6ymh0mrY14N9NjxmQZhZWX/H8TvBlcg==,iv:J5N3LjCYW3QmuEkMBpl7qvPFW1Z9ZoPLkj45jKcIW9U=,tag:Tl+ld07+lVkmzt7f/f2MqQ==,type:str]
sops:
kms: []
gcp_kms: []
azure_kv: []
hc_vault: []
age:
- recipient: age19ax6vm3pv8rph5tq3mmehd9sy9jk823tw8svsd790r0lkslycquqvlwz9m
enc: |
-----BEGIN AGE ENCRYPTED FILE-----
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSB5RWIreCtMeTZ0UE9Zd2di
VE9tR0x6SUNyWjlPV1BqMU5Tb0RTSXNGN2hNCkxuVjFFb0xJZTBMekxqdE96RlRh
czF0dHQxdVhsNE5tVWg0Q2RmYktsWDgKLS0tIFY3dHRlbFpsWUsyTzA3RVR1Qyts
UUJHMU13cm1lOXhRYzhSWlFyTFltYWcKDUxABRGskWWpHEFL44gHYzAqaQ3AmBDt
LcL/4IiEs3TwOpuY+WTVx8JKZBOsxcSlNahiDuCnoTbL4gZTPnd0pA==
-----END AGE ENCRYPTED FILE-----
- recipient: age1hnarptkze0ujpp05dqr8uma04cxg9zqcx68qgpks5uf5l6rpk5gqhh8wxg
enc: |
-----BEGIN AGE ENCRYPTED FILE-----
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBwbHd4ZHhsTk5leDlreC9E
TVAzRXVuS0Judk5zTGVWRVhWSUhpMFdscEg0ClVFYzZYZG9hNjJKTlRVZ1I3eXVq
M2Y5by85dE1QM25yQ3g3bFVSL2tsVlkKLS0tIHVYbGxrT0hOQkZ5SHBsQ3UyaVly
ZDNHUjE2QVlCV3p0NHdKYW5IMHVBZzQKkZtfyvfroOntg3yRjMw4jQHiQj8eaB2h
IeIHfW4y01mmVT2ofbtB0xYpjcl4gtUlQ8X3tn5iJ9P8gcVo0G598A==
-----END AGE ENCRYPTED FILE-----
lastmodified: "2024-02-26T06:04:25Z"
mac: ENC[AES256_GCM,data:2d3i3rcRYrB58vJuyhP4AIB11Ns+zQq0Pli1LF4sAKb75OmJ/qlRcwJKlOCASdY95FfzOQDGjfZheg58fVSd9EbYxX+npMXGUiODa8JRTHgQye3/qjFv14v49zKFJ0dNs13XnOEA4QAry/7gDlb0+M44bNRGPSZSoFX2yJ53smw=,iv:I1YDN6+26BmaWR84kq9zXNXjQ4cRvtzrS2Q13PlUjp0=,tag:sgxcTpOr7T2oXjb5qLRrqw==,type:str]
pgp: []
unencrypted_suffix: _unencrypted
version: 3.8.1

24
devices/xmupc2/secrets/munge.key Normal file
View File

@@ -0,0 +1,24 @@
{
"data": "ENC[AES256_GCM,data:tuEymMXW0f7Rui5wrz/xozphTEq6ffkYIfNIoURFNHwH2Cg+aKHz2ox0gk02BJARhPMDrxCYlChkcrEI0ma/T0eBe9sWz3tA8AOwU1lHSZ06d/JWzW7IUIyTac2mnjt3/jY/qpnR4A8wtHwD0j4zkzXgUgFwq7k/fs24acEE4Jo=,iv:iDTS0xswLrwkOYmfomE5hluVONgJYia/RjINDy7T3R0=,tag:oIYNpFCuT2D+X1QEJJiHew==,type:str]",
"sops": {
"kms": null,
"gcp_kms": null,
"azure_kv": null,
"hc_vault": null,
"age": [
{
"recipient": "age19ax6vm3pv8rph5tq3mmehd9sy9jk823tw8svsd790r0lkslycquqvlwz9m",
"enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSA3aFRRa0NsOUp5MEg3UHcx\nc3g1VFZEQS9Tci9QSnNFYnIrT3hUdVU5cWxjCnU5UXVEdTFXczJzcHVvSjF2WHdB\nYmpyQVVaUFozKzJIZThBbXUxb2k2YzAKLS0tIHE1QXVrOXo1Y3VXMzJJYitWU3Qv\neDF1cndrSi94clh1cS9NczN0UW9pOXcKtrnIj3WovMYdcg5nWnnyRhJhTGLrlwxW\nxQ6bmNrfbZedmCNdjY2lPXmudMXJ8YlWe/HGCe94x3iFlaSwCIGUsA==\n-----END AGE ENCRYPTED FILE-----\n"
},
{
"recipient": "age1hnarptkze0ujpp05dqr8uma04cxg9zqcx68qgpks5uf5l6rpk5gqhh8wxg",
"enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBocFl1SHJEemRySlBnMmNn\nVW9RS1NNdlo4M3l2WGlQaHJmbDBHcjMwaVVnCnY5WExPOXZJVEdYSlJ6UTRBMGJj\ncmlYaUNVV1hnWTNkaWVuV2VuaXN2eU0KLS0tIDBTYnd2NmVYTUJKaHZWRWo3ZlUx\nTEtPZWc2RE1XNG9WTXFOTllWVUVWeUkK+9aLz1rygGAQjpG+oMNUtrDkQaDfg+2q\nnl/CtZZrFD6NXGw6Di0X5t9fQu295NTJ/0qjXnfMigG8gDtxkE+/7g==\n-----END AGE ENCRYPTED FILE-----\n"
}
],
"lastmodified": "2024-02-26T06:04:53Z",
"mac": "ENC[AES256_GCM,data:y0RkPyUwwff95BFL951TxS/x5ORzMsxFJVjopSw+8iVtswD8MT1nmsbwyth4C9OnJ/IAtnZk/CjAt72a68AZpPI+2W/JqJq20ohFoquDNhTlsoyLWdO3Vjrd+Wo3hp0+iKQ3e/uYrF1sTqQO9a3OIxu2sVLM0gEDmIe2nJpLJQo=,iv:EjXTQvVdjzfClNfQ3rPxAFVWVqr7sSOz4ap+nshPEAk=,tag:DcIlf9W7NNqQ+gf8f46MwQ==,type:str]",
"pgp": null,
"unencrypted_suffix": "_unencrypted",
"version": "3.8.1"
}
}

958
flake.lock generated
View File

File diff suppressed because it is too large Load Diff

30
flake.nix
View File

@@ -4,8 +4,10 @@
inputs =
{
nixpkgs.url = "github:CHN-beta/nixpkgs/nixos-23.11";
nixpkgs-unstable.url = "github:NixOS/nixpkgs/nixos-unstable";
nixpkgs-2305.url = "github:CHN-beta/nixpkgs/nixos-23.05";
nixpkgs-unstable.url = "github:CHN-beta/nixpkgs/nixos-unstable";
"nixpkgs-23.05".url = "github:CHN-beta/nixpkgs/nixos-23.05";
"nixpkgs-22.11".url = "github:NixOS/nixpkgs/nixos-22.11";
"nixpkgs-22.05".url = "github:NixOS/nixpkgs/nixos-22.05";
home-manager = { url = "github:nix-community/home-manager/release-23.11"; inputs.nixpkgs.follows = "nixpkgs"; };
sops-nix =
{
@@ -18,11 +20,6 @@
nixos-cn = { url = "github:nixos-cn/flakes"; inputs.nixpkgs.follows = "nixpkgs"; };
nur-xddxdd = { url = "github:xddxdd/nur-packages"; inputs.nixpkgs.follows = "nixpkgs"; };
nix-vscode-extensions = { url = "github:nix-community/nix-vscode-extensions"; inputs.nixpkgs.follows = "nixpkgs"; };
nix-alien =
{
url = "github:thiagokokada/nix-alien";
inputs = { nixpkgs.follows = "nixpkgs"; nix-index-database.follows = "nix-index-database"; };
};
impermanence.url = "github:nix-community/impermanence";
qchem = { url = "github:Nix-QChem/NixOS-QChem/release-23.11"; inputs.nixpkgs.follows = "nixpkgs"; };
nixd = { url = "github:nix-community/nixd"; inputs.nixpkgs.follows = "nixpkgs"; };
@@ -30,10 +27,6 @@
nixpak = { url = "github:nixpak/nixpak"; inputs.nixpkgs.follows = "nixpkgs"; };
deploy-rs = { url = "github:serokell/deploy-rs"; inputs.nixpkgs.follows = "nixpkgs"; };
pnpm2nix-nzbr = { url = "github:CHN-beta/pnpm2nix-nzbr"; inputs.nixpkgs.follows = "nixpkgs"; };
# oneapi
lmix = { url = "github:CHN-beta/lmix"; inputs.nixpkgs.follows = "nixpkgs"; };
# nvhpc
dguibert-nur-packages = { url = "github:CHN-beta/dguibert-nur-packages"; inputs.nixpkgs.follows = "nixpkgs"; };
plasma-manager =
{
url = "github:pjones/plasma-manager";
@@ -43,6 +36,7 @@
nur-linyinfeng = { url = "github:linyinfeng/nur-packages"; inputs.nixpkgs.follows = "nixpkgs"; };
nixos-hardware.url = "github:CHN-beta/nixos-hardware";
envfs = { url = "github:Mic92/envfs"; inputs.nixpkgs.follows = "nixpkgs"; };
nix-fast-build = { url = "github:/Mic92/nix-fast-build"; inputs.nixpkgs.follows = "nixpkgs"; };
misskey = { url = "git+https://github.com/CHN-beta/misskey?submodules=1"; flake = false; };
rsshub = { url = "github:DIYgod/RSSHub"; flake = false; };
@@ -60,15 +54,18 @@
win11os-kde = { url = "github:yeyushengfan258/Win11OS-kde"; flake = false; };
fluent-kde = { url = "github:vinceliuice/Fluent-kde"; flake = false; };
rycee = { url = "gitlab:rycee/nur-expressions"; flake = false; };
cascade = { url = "github:CHN-beta/cascade"; flake = false; };
blurred-wallpaper = { url = "github:bouteillerAlan/blurredwallpaper"; flake = false; };
slate = { url = "github:TheBigWazz/Slate"; flake = false; };
linux-surface = { url = "github:linux-surface/linux-surface"; flake = false; };
lepton = { url = "github:black7375/Firefox-UI-Fix"; flake = false; };
lmod = { url = "github:TACC/Lmod"; flake = false; };
mumax = { url = "github:CHN-beta/mumax"; flake = false; };
};
outputs = inputs:
let
localLib = import ./local/lib inputs.nixpkgs.lib;
devices = builtins.attrNames (builtins.readDir ./devices);
in
{
packages.x86_64-linux =
@@ -76,7 +73,7 @@
default = inputs.nixpkgs.legacyPackages.x86_64-linux.writeText "systems"
(builtins.concatStringsSep "\n" (builtins.map
(system: builtins.toString inputs.self.outputs.nixosConfigurations.${system}.config.system.build.toplevel)
[ "pc" "vps6" "vps7" "nas" "surface" ]));
devices));
}
// (
builtins.listToAttrs (builtins.map
@@ -85,7 +82,7 @@
name = system;
value = inputs.self.outputs.nixosConfigurations.${system}.config.system.build.toplevel;
})
[ "pc" "vps6" "vps7" "nas" "surface" "xmupc1" ])
devices)
);
# ssh-keygen -t rsa -C root@pe -f /mnt/nix/persistent/etc/ssh/ssh_host_rsa_key
# ssh-keygen -t ed25519 -C root@pe -f /mnt/nix/persistent/etc/ssh/ssh_host_ed25519_key
@@ -110,7 +107,7 @@
];
};
})
[ "pc" "vps6" "vps7" "nas" "surface" "xmupc1" ]);
devices);
# sudo HTTPS_PROXY=socks5://127.0.0.1:10884 nixos-install --flake .#bootstrap --option substituters http://127.0.0.1:5000 --option require-sigs false --option system-features gccarch-silvermont
# nix-serve -p 5000
# nix copy --substitute-on-destination --to ssh://server /run/current-system
@@ -146,7 +143,8 @@
inputs.self.nixosConfigurations.${node};
};
})
[ "vps6" "vps7" "nas" "surface" ]);
[ "vps6" "vps7" "nas" "surface" "xmupc1" ]
);
};
checks = builtins.mapAttrs (system: deployLib: deployLib.deployChecks inputs.self.deploy) inputs.deploy-rs.lib;
overlays.default = final: prev:

1
local/pkgs/aocc/default.nix Normal file
View File

@@ -0,0 +1 @@
1k9anln9hmdjflrkq4iacrmhma7gfrfj6d0b8ywxys0wfpdvy12v

18
local/pkgs/chromiumos-touch-keyboard/default.nix
View File

@@ -1,18 +0,0 @@
{ lib, stdenv, fetchFromGitHub, fetchurl, cmake }: stdenv.mkDerivation rec
{
pname = "chromiumos-touch-keyboard";
version = "1.4.1";
src = fetchFromGitHub
{
owner = "CHN-beta";
repo = "chromiumos_touch_keyboard";
rev = "32b72240ccac751a1b983152f65aa5b19503ffcf";
sha256 = "eFesDSBS2VzTOVfepgXYGynWvkrCSdCV9C/gcG/Ocbg=";
};
cmakeFlags = [ "-DCMAKE_CXX_FLAGS=-Wno-error=stringop-truncation" ];
nativeBuildInputs = [ cmake ];
postInstall =
''
cp $out/etc/touch_keyboard/layouts/YB1-X9x-pc105.csv $out/etc/touch_keyboard/layout.csv
'';
}

43
local/pkgs/default.nix
View File

@@ -2,21 +2,9 @@
{
typora = callPackage ./typora {};
vesta = callPackage ./vesta {};
oneapi = callPackage ./oneapi {};
rsshub = callPackage ./rsshub { src = topInputs.rsshub; };
misskey = callPackage ./misskey { nodejs = nodejs_21; src = topInputs.misskey; };
mk-meili-mgn = callPackage ./mk-meili-mgn {};
# vasp = callPackage ./vasp
# {
# stdenv = pkgs.lmix-pkgs.intel21Stdenv;
# intel-mpi = pkgs.lmix-pkgs.intel-oneapi-mpi_2021_9_0;
# ifort = pkgs.lmix-pkgs.intel-oneapi-ifort_2021_9_0;
# };
vasp = callPackage ./vasp
{
openmp = llvmPackages.openmp;
openmpi = pkgs.openmpi.override { cudaSupport = false; };
};
vaspkit = callPackage ./vaspkit { attrsToList = (import ../lib lib).attrsToList; };
v-sim = callPackage ./v-sim { src = topInputs.v-sim; };
concurrencpp = callPackage ./concurrencpp { stdenv = gcc13Stdenv; src = topInputs.concurrencpp; };
@@ -36,7 +24,7 @@
mirism = callPackage ./mirism
{
inherit cppcoro nameof tgbot-cpp date;
nghttp2 = nghttp2-2305.override { enableAsioLib = true; };
nghttp2 = pkgs."nghttp2-23.05".override { enableAsioLib = true; };
};
cppcoro = callPackage ./cppcoro { src = topInputs.cppcoro; };
date = callPackage ./date { src = topInputs.date; };
@@ -49,4 +37,33 @@
fluent-kde = callPackage ./fluent-kde { src = topInputs.fluent-kde; };
blurred-wallpaper = callPackage ./blurred-wallpaper { src = topInputs.blurred-wallpaper; };
slate = callPackage ./slate { src = topInputs.slate; };
nvhpc = callPackage ./nvhpc {};
lmod = callPackage ./lmod { src = topInputs.lmod; };
vasp =
{
source = callPackage ./vasp/source.nix {};
gnu = callPackage ./vasp/gnu
{
inherit (llvmPackages) openmp;
inherit (unstablePackages) wannier90;
hdf5 = hdf5.override { mpiSupport = true; fortranSupport = true; };
};
nvidia = callPackage ./vasp/nvidia
{
inherit lmod;
nvhpc = nvhpc."24.1";
hdf5 = hdf5-nvhpc.override { nvhpc = nvhpc."24.1"; };
inherit (unstablePackages) wannier90;
};
intel = callPackage ./vasp/intel
{
inherit lmod;
oneapi = oneapi."2022.2";
hdf5 = hdf5.override { mpiSupport = true; fortranSupport = true; };
inherit (unstablePackages) wannier90;
};
};
hdf5-nvhpc = callPackage ./hdf5-nvhpc { inherit lmod; inherit (hdf5) src; nvhpc = nvhpc."24.1"; };
oneapi = callPackage ./oneapi {};
mumax = callPackage ./mumax { src = topInputs.mumax; };
}

40
local/pkgs/hdf5-nvhpc/default.nix Normal file
View File

@@ -0,0 +1,40 @@
{
buildFHSEnv, writeScript, stdenvNoCC,
src,
nvhpc, lmod, cmake, gfortran,
config, nvhpcArch ? config.nvhpcArch or "px"
}:
let
buildEnv = buildFHSEnv
{
name = "buildEnv";
targetPkgs = pkgs: with pkgs; [ zlib ];
extraBwrapArgs = [ "--bind" "$out" "$out" ];
};
buildScript = writeScript "build"
''
. ${lmod}/share/lmod/lmod/init/bash
module use ${nvhpc}/share/nvhpc/modulefiles
module load nvhpc
mkdir build
cd build
cmake -DCMAKE_INSTALL_PREFIX=$out -DHDF5_INSTALL_CMAKE_DIR=$out/lib/cmake \
-DHDF5_BUILD_FORTRAN=ON -DHDF5_ENABLE_PARALLEL=ON -DBUILD_SHARED_LIBS=ON ..
make -j$NIX_BUILD_CORES
make install
'';
in stdenvNoCC.mkDerivation
{
name = "hdf5-nvhpc";
inherit src;
dontConfigure = true;
enableParallelBuilding = true;
nativeBuildInputs = [ cmake gfortran ];
buildPhase =
''
mkdir -p $out
${buildEnv}/bin/buildEnv ${buildScript}
'';
dontInstall = true;
requiredSystemFeatures = [ "nvhpcarch-${nvhpcArch}" ];
}

14
local/pkgs/lmod/default.nix Normal file
View File

@@ -0,0 +1,14 @@
{
stdenv, src,
tcl,
procps, bc, lua
}:
stdenv.mkDerivation
{
name = "lmod";
inherit src;
buildInputs = [ tcl ];
nativeBuildInputs = [ procps bc (lua.withPackages (ps: with ps; [ luaposix ])) ];
configurePhase = ''./configure --prefix=$out/share'';
postUnpack = "patchShebangs .";
}

4
local/pkgs/misskey/default.nix
View File

@@ -1,6 +1,6 @@
{
lib, stdenv, mkPnpmPackage, fetchurl, nodejs, writeShellScript, buildFHSEnv,
bash, cypress, vips, pkg-config, src
bash, cypress, vips, pkg-config, src, libtensorflow
}:
let
name = "misskey";
@@ -8,6 +8,7 @@ let
{
inherit name src nodejs;
copyPnpmStore = true;
extraIntegritySha256."https://github.com/aiscript-dev/aiscript-languageserver/releases/download/0.1.5/aiscript-dev-aiscript-languageserver-0.1.5.tgz" = "1mhnwa8h48bc21f0zv8q93aphiqz9i70r7m4xsa4sd1mlncfgyl7";
};
startScript = writeShellScript "misskey"
''
@@ -31,6 +32,7 @@ in
''
export HOME=$NIX_BUILD_TOP # Some packages need a writable HOME
export npm_config_nodedir=${nodejs}
pnpm config set reporter append-only
runHook preConfigure

22
local/pkgs/mumax/default.nix Normal file
View File

@@ -0,0 +1,22 @@
{ buildGoModule, cudatoolkit, src, config, cudaCapabilities ? config.cudaCapabilities, gcc, makeWrapper }:
# TODO: use addDriverRunpath
buildGoModule
{
name = "mumax";
inherit src;
vendorHash = null;
nativeBuildInputs = [ cudatoolkit gcc makeWrapper ];
CUDA_CC = builtins.concatStringsSep " " cudaCapabilities;
CPATH = "${cudatoolkit}/include";
LIBRARY_PATH = "${cudatoolkit}/lib/stubs";
doCheck = false;
postInstall =
''
rm $out/bin/{doc,test}
for i in $out/bin/*; do
if [ -f $i ]; then
wrapProgram $i --prefix LD_LIBRARY_PATH ":" "/run/opengl-driver/lib:${cudatoolkit}/lib"
fi
done
'';
}

42
local/pkgs/nvhpc/default.nix Normal file
View File

@@ -0,0 +1,42 @@
{
stdenvNoCC, fetchurl, buildFHSEnv,
gfortran, flock
}:
let
versions =
{
"24.1" = "1n0x1x7ywvr3623ylvrjagayn44mbvfas3c3062p7y3asmgjx697";
"23.1" = "1xg933f4n1bw39y1x1vrjrbzpx36sbmjgvi332hfck3dbx0n982m";
};
releaseName = version:
let versions = builtins.splitVersion version;
in "nvhpc_20${builtins.elemAt versions 0}_${builtins.concatStringsSep "" versions}_Linux_x86_64_cuda_multi";
builder = buildFHSEnv
{
name = "builder";
targetPkgs = pkgs: with pkgs; [ coreutils ];
extraBwrapArgs = [ "--bind" "$out" "$out" ];
};
in let buildNvhpc = version: stdenvNoCC.mkDerivation
{
pname = "nvhpc";
inherit version;
src = fetchurl
{
url = "https://developer.download.nvidia.com/hpc-sdk/${version}/${releaseName version}.tar.gz";
sha256 = versions.${version};
};
dontFixup = true;
dontBuild = true;
buildInputs = [ gfortran flock ];
installPhase =
''
export NVHPC_SILENT=true
export NVHPC_INSTALL_TYPE=single
export NVHPC_INSTALL_DIR=$out/share/nvhpc
# $out should exist before bwrap
mkdir -p $out
${builder}/bin/builder ./install
'';
};
in builtins.mapAttrs (version: _: buildNvhpc version) versions

88
local/pkgs/oneapi/default.nix Normal file
View File

@@ -0,0 +1,88 @@
{
stdenvNoCC, fetchurl, buildFHSEnv,
ncurses
}:
let
versions =
{
"2022.2" =
{
basekit =
{
id = "18673";
version = "2022.2.0.262";
sha256 = "03qx6sb58mkhc7iyc8va4y1ihj6l3155dxwmqj8dfw7j2ma7r5f6";
components =
[
"intel.oneapi.lin.dpcpp-ct"
"intel.oneapi.lin.dpcpp_dbg"
"intel.oneapi.lin.dpl"
"intel.oneapi.lin.tbb.devel"
"intel.oneapi.lin.ccl.devel"
"intel.oneapi.lin.dpcpp-cpp-compiler"
"intel.oneapi.lin.dpl"
"intel.oneapi.lin.mkl.devel"
];
};
hpckit =
{
id = "18679";
version = "2022.2.0.191";
sha256 = "0swz4w9bn58wwqjkqhjqnkcs8k8ms9nn9s8k7j5w6rzvsa6817d2";
};
};
"2024.0" =
{
basekit =
{
id = "163da6e4-56eb-4948-aba3-debcec61c064";
version = "2024.0.1.46";
sha256 = "1sp1fgjv8xj8qxf8nv4lr1x5cxz7xl5wv4ixmfmcg0gyk28cjq1g";
};
hpckit =
{
id = "67c08c98-f311-4068-8b85-15d79c4f277a";
version = "2024.0.1.38";
sha256 = "06vpdz51w2v4ncgk8k6y2srlfbbdqdmb4v4bdwb67zsg9lmf8fp9";
};
};
};
builder = buildFHSEnv
{
name = "builder";
targetPkgs = pkgs: with pkgs; [ coreutils zlib ];
extraBwrapArgs = [ "--bind" "$out" "$out" ];
runScript = "sh";
};
componentString = components: if components == null then "--components default" else
" --components " + (builtins.concatStringsSep ":" components);
in let buildOneapi = version: stdenvNoCC.mkDerivation rec
{
pname = "oneapi";
inherit version;
basekit = fetchurl
{
url = "https://registrationcenter-download.intel.com/akdlm/IRC_NAS/${versions.${version}.basekit.id}/"
+ "l_BaseKit_p_${versions.${version}.basekit.version}_offline.sh";
sha256 = versions.${version}.basekit.sha256;
};
hpckit = fetchurl
{
url = "https://registrationcenter-download.intel.com/akdlm/IRC_NAS/${versions.${version}.hpckit.id}/"
+ "l_HPCKit_p_${versions.${version}.hpckit.version}_offline.sh";
sha256 = versions.${version}.hpckit.sha256;
};
phases = [ "installPhase" ];
nativeBuildInputs = [ ncurses ];
installPhase =
''
mkdir -p $out
${builder}/bin/builder ${basekit} -a --silent --eula accept --install-dir $out/share/intel \
${componentString versions.${version}.basekit.components or null}
${builder}/bin/builder ${hpckit} -a --silent --eula accept --install-dir $out/share/intel \
${componentString versions.${version}.hpckit.components or null}
${builder}/bin/builder $out/share/intel/modulefiles-setup.sh --output-dir=$out/share/intel/modulefiles \
--ignore-latest
'';
};
in builtins.mapAttrs (version: _: buildOneapi version) versions

42
local/pkgs/typora/default.nix
View File

@@ -1,42 +0,0 @@
{ lib, stdenv, steam-run, fetchurl, writeShellScript }:
let
typora-dist = stdenv.mkDerivation rec
{
pname = "typora-dist";
version = "1.8.2-dev";
src = fetchurl
{
url = "https://download.typora.io/linux/typora_${version}_amd64.deb";
sha256 = "0abi9m8h8k0228ajag26lxk756a7aqqixg608k85gnkdmibnq6mv";
};
dontFixup = true;
unpackPhase =
''
ar x ${src}
tar xf data.tar.xz
'';
installPhase =
''
mkdir -p $out
mv usr/share $out
'';
};
in stdenv.mkDerivation rec
{
pname = "typora";
inherit (typora-dist) version;
BuildInputs = [ typora-dist steam-run ];
startScript = writeShellScript "typora" "${steam-run}/bin/steam-run ${typora-dist}/share/typora/Typora $@";
phases = [ "installPhase" ];
installPhase =
''
mkdir -p $out/bin $out/share/applications
ln -s ${startScript} $out/bin/typora
cp ${typora-dist}/share/applications/typora.desktop $out/share/applications
sed -i "s|Exec=.*|Exec=${startScript} %U|g" $out/share/applications/typora.desktop
sed -i "s|Icon=.*|Icon=${typora-dist}/share/icons/hicolor/256x256/apps/typora.png|g" \
$out/share/applications/typora.desktop
'';
}

22
local/pkgs/vasp/constr_cell_relax.F Normal file
View File

@@ -0,0 +1,22 @@
SUBROUTINE CONSTR_CELL_RELAX(FCELL)
USE prec
REAL(q) FCELL(3,3)
LOGICAL FILFLG
INTEGER ICELL(3,3)
INQUIRE(FILE='OPTCELL',EXIST=FILFLG)
IF (FILFLG) THEN
OPEN(67,FILE='OPTCELL',FORM='FORMATTED',STATUS='OLD')
DO J=1,3
READ(67,"(3I1)") (ICELL(I,J),I=1,3)
ENDDO
CLOSE(67)
DO J=1,3
DO I=1,3
IF (ICELL(I,J)==0) FCELL(I,J)=0.0
ENDDO
ENDDO
ENDIF
RETURN
END SUBROUTINE

77
local/pkgs/vasp/default.nix
View File

@@ -1,77 +0,0 @@
# {
# stdenv, requireFile, config, rsync, intel-mpi, ifort,
# mkl
# }:
# stdenv.mkDerivation rec
# {
# pname = "vasp";
# version = "6.4.0";
# # nix-store --query --hash $(nix store add-path ./vasp-6.4.0)
# src = requireFile
# {
# name = "${pname}-${version}";
# sha256 = "189i1l5q33ynmps93p2mwqf5fx7p4l50sls1krqlv8ls14s3m71f";
# hashMode = "recursive";
# message = "Source file not found.";
# };
# VASP_TARGET_CPU = if config ? oneapiArch then "-x${config.oneapiArch}" else "";
# MKLROOT = mkl;
# makeFlags = "DEPS=1";
# enableParallelBuilding = true;
# buildInputs = [ mkl intel-mpi ifort ];
# nativeBuildInputs = [ rsync ];
# configurePhase =
# ''
# cp arch/makefile.include.intel makefile.include
# echo "CPP_OPTIONS += -Duse_shmem -Dshmem_bcast_buffer -Dshmem_rproj" >> makefile.include
# echo "OBJECTS_LIB += getshmem.o" >> makefile.include
# mkdir -p bin
# '';
# installPhase =
# ''
# mkdir -p $out/bin
# for i in std gam ncl; do
# cp bin/vasp_$i $out/bin/vasp-cpu-${version}-$i
# done
# '';
# doStrip = false;
# doFixup = false;
# }
{
stdenvNoCC, requireFile, rsync, blas, scalapack, openmpi, openmp, gfortran, gcc, fftwMpi
}:
stdenvNoCC.mkDerivation rec
{
pname = "vasp";
version = "6.4.0";
# nix-store --query --hash $(nix store add-path ./vasp-6.4.0)
src = requireFile
{
name = "${pname}-${version}";
sha256 = "189i1l5q33ynmps93p2mwqf5fx7p4l50sls1krqlv8ls14s3m71f";
hashMode = "recursive";
message = "Source file not found.";
};
# VASP_TARGET_CPU = if config ? oneapiArch then "-x${config.oneapiArch}" else "";
# MKLROOT = mkl;
makeFlags = "DEPS=1";
enableParallelBuilding = true;
buildInputs = [ blas scalapack openmpi openmp gfortran gfortran.cc gcc fftwMpi.dev fftwMpi ];
nativeBuildInputs = [ rsync ];
FFTW_ROOT = fftwMpi.dev;
configurePhase =
''
cp ${./makefile.include/${version}-gnu} makefile.include
chmod +w makefile.include
echo "CPP_OPTIONS += -Duse_shmem -Dshmem_bcast_buffer -Dshmem_rproj" >> makefile.include
echo "OBJECTS_LIB += getshmem.o" >> makefile.include
mkdir -p bin
'';
installPhase =
''
mkdir -p $out/bin
for i in std gam ncl; do
cp bin/vasp_$i $out/bin/vasp-gnu-${version}-$i
done
'';
}

46
local/pkgs/vasp/gnu/default.nix Normal file
View File

@@ -0,0 +1,46 @@
{
stdenvNoCC, requireFile, writeShellApplication,
rsync, blas, scalapack, mpi, openmp, gfortran, gcc, fftwMpi, hdf5, wannier90
}:
let
sources = import ../source.nix { inherit requireFile; };
vasp = version: stdenvNoCC.mkDerivation rec
{
pname = "vasp-gnu";
inherit version;
src = sources.${version};
configurePhase =
''
cp ${./makefile.include-${version}} makefile.include
cp ${../constr_cell_relax.F} src/constr_cell_relax.F
mkdir -p bin
'';
enableParallelBuilding = true;
makeFlags = "DEPS=1";
buildInputs = [ blas scalapack mpi openmp fftwMpi.dev fftwMpi hdf5 hdf5.dev wannier90 ];
nativeBuildInputs = [ rsync gfortran gfortran.cc gcc ];
FFTW_ROOT = fftwMpi.dev;
HDF5_ROOT = hdf5.dev;
WANNIER90_ROOT = wannier90;
installPhase =
''
mkdir -p $out/bin
for i in std gam ncl; do
cp bin/vasp_$i $out/bin/vasp-$i
done
'';
};
startScript = version: writeShellApplication
{
name = "vasp-gnu-${version}";
runtimeInputs = [ (vasp version) ];
text =
''
if [ -n "''${SLURM_CPUS_PER_TASK-}" ] && [ -n "''${SLURM_THREADS_PER_CPU-}" ]; then
export OMP_NUM_THREADS=$(( SLURM_CPUS_PER_TASK * SLURM_THREADS_PER_CPU ))
fi
export PATH=$PATH:$PWD
exec "$@"
'';
};
in builtins.mapAttrs (version: _: startScript version) sources

92
local/pkgs/vasp/gnu/makefile.include-6.3.1 Normal file
View File

@@ -0,0 +1,92 @@
# Default precompiler options
CPP_OPTIONS = -DHOST=\"LinuxGNU\" \
-DMPI -DMPI_BLOCK=8000 -Duse_collective \
-DscaLAPACK \
-DCACHE_SIZE=4000 \
-Davoidalloc \
-Dvasp6 \
-Duse_bse_te \
-Dtbdyn \
-Dfock_dblbuf \
-D_OPENMP -Duse_shmem -Dshmem_bcast_buffer -Dshmem_rproj
CPP = gcc -E -C -w $*$(FUFFIX) >$*$(SUFFIX) $(CPP_OPTIONS)
FC = mpif90 -fopenmp
FCL = mpif90 -fopenmp
FREE = -ffree-form -ffree-line-length-none
FFLAGS = -w -ffpe-summary=none
OFLAG = -O2
OFLAG_IN = $(OFLAG)
DEBUG = -O0
OBJECTS = fftmpiw.o fftmpi_map.o fftw3d.o fft3dlib.o
OBJECTS_O1 += fftw3d.o fftmpi.o fftmpiw.o
OBJECTS_O2 += fft3dlib.o
# For what used to be vasp.5.lib
CPP_LIB = $(CPP)
FC_LIB = $(FC)
CC_LIB = gcc
CFLAGS_LIB = -O
FFLAGS_LIB = -O1
FREE_LIB = $(FREE)
OBJECTS_LIB = linpack_double.o getshmem.o
# For the parser library
CXX_PARS = g++
LLIBS = -lstdc++
##
## Customize as of this point! Of course you may change the preceding
## part of this file as well if you like, but it should rarely be
## necessary ...
##
# When compiling on the target machine itself, change this to the
# relevant target when cross-compiling for another architecture
# VASP_TARGET_CPU ?= -march=native
# FFLAGS += $(VASP_TARGET_CPU)
# For gcc-10 and higher (comment out for older versions)
FFLAGS += -fallow-argument-mismatch
# BLAS and LAPACK (mandatory)
# OPENBLAS_ROOT ?= /path/to/your/openblas/installation
# BLASPACK = -L$(OPENBLAS_ROOT)/lib -lopenblas
BLASPACK = -lblas
# scaLAPACK (mandatory)
# SCALAPACK_ROOT ?= /path/to/your/scalapack/installation
# SCALAPACK = -L$(SCALAPACK_ROOT)/lib -lscalapack
SCALAPACK = -lscalapack
LLIBS += $(SCALAPACK) $(BLASPACK)
# FFTW (mandatory)
FFTW_ROOT ?= /path/to/your/fftw/installation
LLIBS += -L$(FFTW_ROOT)/lib -lfftw3 -lfftw3_omp
INCS += -I$(FFTW_ROOT)/include
# HDF5-support (optional but strongly recommended)
CPP_OPTIONS+= -DVASP_HDF5
HDF5_ROOT ?= /path/to/your/hdf5/installation
LLIBS += -L$(HDF5_ROOT)/lib -lhdf5_fortran
INCS += -I$(HDF5_ROOT)/include
# For the VASP-2-Wannier90 interface (optional)
CPP_OPTIONS += -DVASP2WANNIER90
WANNIER90_ROOT ?= /path/to/your/wannier90/installation
LLIBS += -L$(WANNIER90_ROOT)/lib -lwannier
# For the fftlib library (recommended)
#CPP_OPTIONS+= -Dsysv
#FCL += fftlib.o
#CXX_FFTLIB = g++ -fopenmp -std=c++11 -DFFTLIB_THREADSAFE
#INCS_FFTLIB = -I./include -I$(FFTW_ROOT)/include
#LIBS += fftlib
#LLIBS += -ldl

23
local/pkgs/vasp/makefile.include/6.4.0-gnu → local/pkgs/vasp/gnu/makefile.include-6.4.0
View File

@@ -8,7 +8,7 @@ CPP_OPTIONS = -DHOST=\"LinuxGNU\" \
-Duse_bse_te \
-Dtbdyn \
-Dfock_dblbuf \
-D_OPENMP
-D_OPENMP -Duse_shmem -Dshmem_bcast_buffer -Dshmem_rproj
CPP = gcc -E -C -w $*$(FUFFIX) >$*$(SUFFIX) $(CPP_OPTIONS)
@@ -35,7 +35,7 @@ CFLAGS_LIB = -O
FFLAGS_LIB = -O1
FREE_LIB = $(FREE)
OBJECTS_LIB = linpack_double.o
OBJECTS_LIB = linpack_double.o getshmem.o
# For the parser library
CXX_PARS = g++
@@ -68,21 +68,20 @@ SCALAPACK = -lscalapack
LLIBS += $(SCALAPACK) $(BLASPACK)
# FFTW (mandatory)
# FFTW_ROOT ?= /path/to/your/fftw/installation
# LLIBS += -L$(FFTW_ROOT)/lib -lfftw3 -lfftw3_omp
LLIBS += -lfftw3 -lfftw3_omp
FFTW_ROOT ?= /path/to/your/fftw/installation
LLIBS += -L$(FFTW_ROOT)/lib -lfftw3 -lfftw3_omp
INCS += -I$(FFTW_ROOT)/include
# HDF5-support (optional but strongly recommended)
#CPP_OPTIONS+= -DVASP_HDF5
#HDF5_ROOT ?= /path/to/your/hdf5/installation
#LLIBS += -L$(HDF5_ROOT)/lib -lhdf5_fortran
#INCS += -I$(HDF5_ROOT)/include
CPP_OPTIONS+= -DVASP_HDF5
HDF5_ROOT ?= /path/to/your/hdf5/installation
LLIBS += -L$(HDF5_ROOT)/lib -lhdf5_fortran
INCS += -I$(HDF5_ROOT)/include
# For the VASP-2-Wannier90 interface (optional)
#CPP_OPTIONS += -DVASP2WANNIER90
#WANNIER90_ROOT ?= /path/to/your/wannier90/installation
#LLIBS += -L$(WANNIER90_ROOT)/lib -lwannier
CPP_OPTIONS += -DVASP2WANNIER90
WANNIER90_ROOT ?= /path/to/your/wannier90/installation
LLIBS += -L$(WANNIER90_ROOT)/lib -lwannier
# For the fftlib library (recommended)
CPP_OPTIONS+= -Dsysv

71
local/pkgs/vasp/intel/default.nix Normal file
View File

@@ -0,0 +1,71 @@
{
buildFHSEnv, writeScript, stdenvNoCC, requireFile, substituteAll, symlinkJoin,
config, oneapiArch ? config.oneapiArch or "SSE3",
oneapi, gfortran, gcc, glibc, lmod, rsync, which, hdf5, wannier90
}:
let
versions = import ../source.nix;
buildEnv = buildFHSEnv
{
name = "buildEnv";
# make "module load mpi" success
targetPkgs = pkgs: with pkgs; [ zlib (writeTextDir "etc/release" "") ];
};
buildScript = writeScript "build"
''
. ${lmod}/share/lmod/lmod/init/bash
module use ${oneapi}/share/intel/modulefiles
module load tbb compiler-rt oclfpga # dependencies
module load mpi mkl compiler
mkdir -p bin
make DEPS=1 -j$NIX_BUILD_CORES std
'';
include = version: substituteAll
{
src = ./makefile.include-${version};
inherit oneapiArch;
gcc = symlinkJoin { name = "gcc"; paths = [ gfortran gfortran.cc gcc ]; };
};
vasp = version: stdenvNoCC.mkDerivation rec
{
pname = "vasp";
inherit version;
src = requireFile
{
name = "${pname}-${version}";
sha256 = versions.${version};
hashMode = "recursive";
message = "Source file not found.";
};
configurePhase =
''
cp ${include version} makefile.include
cp ${../constr_cell_relax.F} src/constr_cell_relax.F
'';
enableParallelBuilding = false;
buildInputs = [ hdf5 hdf5.dev wannier90 glibc glibc.dev ];
nativeBuildInputs = [ gfortran gfortran.cc gcc rsync which ];
HDF5_ROOT = hdf5.dev;
WANNIER90_ROOT = wannier90;
buildPhase = "${buildEnv}/bin/buildEnv ${buildScript}";
installPhase =
''
mkdir -p $out/bin
for i in std gam ncl; do cp bin/vasp_$i $out/bin/vasp-$i; done
'';
};
startScript = version: writeScript "vasp-intel-${version}"
''
. ${lmod}/share/lmod/lmod/init/bash
module use ${oneapi}/share/intel/modulefiles
module load tbb compiler-rt oclfpga # dependencies
module load mpi mkl compiler
exec "$@"
'';
runEnv = version: buildFHSEnv
{
name = "vasp-intel-${version}";
targetPkgs = pkgs: with pkgs; [ zlib (vasp version) (writeTextDir "etc/release" "") ];
runScript = startScript version;
};
in builtins.mapAttrs (version: _: runEnv version) versions

82
local/pkgs/vasp/intel/makefile.include-6.3.1 Normal file
View File

@@ -0,0 +1,82 @@
# Default precompiler options
CPP_OPTIONS = -DHOST=\"LinuxIFC\" \
-DMPI -DMPI_BLOCK=8000 -Duse_collective \
-DscaLAPACK \
-DCACHE_SIZE=4000 \
-Davoidalloc \
-Dvasp6 \
-Duse_bse_te \
-Dtbdyn \
-Dfock_dblbuf \
-D_OPENMP -Duse_shmem -Dshmem_bcast_buffer -Dshmem_rproj
CPP = fpp -f_com=no -free -w0 $*$(FUFFIX) $*$(SUFFIX) $(CPP_OPTIONS)
FC = I_MPI_FC=ifort mpif90 -qopenmp
FCL = I_MPI_FC=ifort mpif90
FREE = -free -names lowercase
FFLAGS = -assume byterecl -w
OFLAG = -O2
OFLAG_IN = $(OFLAG)
DEBUG = -O0
OBJECTS = fftmpiw.o fftmpi_map.o fftw3d.o fft3dlib.o
OBJECTS_O1 += fftw3d.o fftmpi.o fftmpiw.o
OBJECTS_O2 += fft3dlib.o
# For what used to be vasp.5.lib
CPP_LIB = $(CPP)
FC_LIB = $(FC)
CC_LIB = icc
CFLAGS_LIB = -O
FFLAGS_LIB = -O1
FREE_LIB = $(FREE)
OBJECTS_LIB = linpack_double.o getshmem.o
# For the parser library
CXX_PARS = icpc
LLIBS = -lstdc++
##
## Customize as of this point! Of course you may change the preceding
## part of this file as well if you like, but it should rarely be
## necessary ...
##
# When compiling on the target machine itself, change this to the
# relevant target when cross-compiling for another architecture
VASP_TARGET_CPU ?= -x@oneapiArch@
FFLAGS += $(VASP_TARGET_CPU)
# Intel MKL for FFTW, BLAS, LAPACK, and scaLAPACK
# (Note: for Intel Parallel Studio's MKL use -mkl instead of -qmkl)
FCL += -qmkl
MKLROOT ?= /path/to/your/mkl/installation
INCS =-I$(MKLROOT)/include/fftw
# Use a separate scaLAPACK installation (optional but recommended in combination with OpenMPI)
# Comment out the two lines below if you want to use scaLAPACK from MKL instead
#SCALAPACK_ROOT ?= /path/to/your/scalapack/installation
#LLIBS += -L${SCALAPACK_ROOT}/lib -lscalapack
# HDF5-support (optional but strongly recommended)
CPP_OPTIONS+= -DVASP_HDF5
HDF5_ROOT ?= /path/to/your/hdf5/installation
LLIBS += -L$(HDF5_ROOT)/lib -lhdf5_fortran
INCS += -I$(HDF5_ROOT)/include
# For the VASP-2-Wannier90 interface (optional)
CPP_OPTIONS += -DVASP2WANNIER90
WANNIER90_ROOT ?= /path/to/your/wannier90/installation
LLIBS += -L$(WANNIER90_ROOT)/lib -lwannier
# For the fftlib library (hardly any benefit in combination with MKL's FFTs)
#CPP_OPTION += -Dsysv
#FCL = mpif90 fftlib.o -qmkl
#CXX_FFTLIB = icpc -qopenmp -std=c++11 -DFFTLIB_USE_MKL -DFFTLIB_THREADSAFE
#INCS_FFTLIB = -I./include -I$(MKLROOT)/include/fftw
#LIBS += fftlib

82
local/pkgs/vasp/intel/makefile.include-6.4.0 Normal file
View File

@@ -0,0 +1,82 @@
# Default precompiler options
CPP_OPTIONS = -DHOST=\"LinuxIFC\" \
-DMPI -DMPI_BLOCK=8000 -Duse_collective \
-DscaLAPACK \
-DCACHE_SIZE=4000 \
-Davoidalloc \
-Dvasp6 \
-Duse_bse_te \
-Dtbdyn \
-Dfock_dblbuf \
-D_OPENMP -Duse_shmem -Dshmem_bcast_buffer -Dshmem_rproj
CPP = fpp -f_com=no -free -w0 $*$(FUFFIX) $*$(SUFFIX) $(CPP_OPTIONS)
FC = I_MPI_F90=ifort mpif90 -qopenmp
FCL = I_MPI_F90=ifort mpif90
FREE = -free -names lowercase
FFLAGS = -assume byterecl -w
OFLAG = -O2
OFLAG_IN = $(OFLAG)
DEBUG = -O0
OBJECTS = fftmpiw.o fftmpi_map.o fftw3d.o fft3dlib.o
OBJECTS_O1 += fftw3d.o fftmpi.o fftmpiw.o
OBJECTS_O2 += fft3dlib.o
# For what used to be vasp.5.lib
CPP_LIB = $(CPP)
FC_LIB = $(FC)
CC_LIB = icc
CFLAGS_LIB = -O
FFLAGS_LIB = -O1
FREE_LIB = $(FREE)
OBJECTS_LIB = linpack_double.o getshmem.o
# For the parser library
CXX_PARS = icpc
LLIBS = -lstdc++
##
## Customize as of this point! Of course you may change the preceding
## part of this file as well if you like, but it should rarely be
## necessary ...
##
# When compiling on the target machine itself, change this to the
# relevant target when cross-compiling for another architecture
VASP_TARGET_CPU ?= -x@oneapiArch@
FFLAGS += $(VASP_TARGET_CPU)
# Intel MKL for FFTW, BLAS, LAPACK, and scaLAPACK
# (Note: for Intel Parallel Studio's MKL use -mkl instead of -qmkl)
FCL += -qmkl
MKLROOT ?= /path/to/your/mkl/installation
INCS =-I$(MKLROOT)/include/fftw
# Use a separate scaLAPACK installation (optional but recommended in combination with OpenMPI)
# Comment out the two lines below if you want to use scaLAPACK from MKL instead
#SCALAPACK_ROOT ?= /path/to/your/scalapack/installation
#LLIBS += -L${SCALAPACK_ROOT}/lib -lscalapack
# HDF5-support (optional but strongly recommended)
CPP_OPTIONS+= -DVASP_HDF5
HDF5_ROOT ?= /path/to/your/hdf5/installation
LLIBS += -L$(HDF5_ROOT)/lib -lhdf5_fortran
INCS += -I$(HDF5_ROOT)/include
# For the VASP-2-Wannier90 interface (optional)
CPP_OPTIONS += -DVASP2WANNIER90
WANNIER90_ROOT ?= /path/to/your/wannier90/installation
LLIBS += -L$(WANNIER90_ROOT)/lib -lwannier
# For the fftlib library (hardly any benefit in combination with MKL's FFTs)
#CPP_OPTION += -Dsysv
#FCL = mpif90 fftlib.o -qmkl
#CXX_FFTLIB = icpc -qopenmp -std=c++11 -DFFTLIB_USE_MKL -DFFTLIB_THREADSAFE
#INCS_FFTLIB = -I./include -I$(MKLROOT)/include/fftw
#LIBS += fftlib

71
local/pkgs/vasp/nvidia/default.nix Normal file
View File

@@ -0,0 +1,71 @@
{
buildFHSEnv, writeScript, stdenvNoCC, requireFile, substituteAll,
config, cudaCapabilities ? config.cudaCapabilities, nvhpcArch ? config.nvhpcArch or "px",
nvhpc, lmod, mkl, gfortran, rsync, which, hdf5, wannier90
}:
let
sources = import ../source.nix { inherit requireFile; };
buildEnv = buildFHSEnv
{
name = "buildEnv";
targetPkgs = pkgs: with pkgs; [ zlib ];
};
buildScript = writeScript "build"
''
. ${lmod}/share/lmod/lmod/init/bash
module use ${nvhpc}/share/nvhpc/modulefiles
module load nvhpc
mkdir -p bin
make DEPS=1 -j$NIX_BUILD_CORES
'';
include = version: substituteAll
{
src = ./makefile.include-${version};
cudaCapabilities = builtins.concatStringsSep "," (builtins.map
(cap: "cc${builtins.replaceStrings ["."] [""] cap}")
cudaCapabilities);
inherit nvhpcArch;
};
vasp = version: stdenvNoCC.mkDerivation rec
{
pname = "vasp";
inherit version;
src = sources.${version};
configurePhase =
''
cp ${include version} makefile.include
cp ${../constr_cell_relax.F} src/constr_cell_relax.F
'';
enableParallelBuilding = true;
buildInputs = [ mkl hdf5 wannier90 ];
nativeBuildInputs = [ gfortran rsync which ];
MKLROOT = "${mkl}";
HDF5_ROOT = "${hdf5}";
WANNIER90_ROOT = "${wannier90}";
buildPhase = "${buildEnv}/bin/buildEnv ${buildScript}";
installPhase =
''
mkdir -p $out/bin
for i in std gam ncl; do cp bin/vasp_$i $out/bin/vasp-$i; done
'';
requiredSystemFeatures = [ "nvhpcarch-${nvhpcArch}" ];
};
startScript = version: writeScript "vasp-nvidia-${version}"
''
. ${lmod}/share/lmod/lmod/init/bash
module use ${nvhpc}/share/nvhpc/modulefiles
module load nvhpc
# if SLURM_CPUS_PER_TASK and SLURM_THREADS_PER_CPU are set, use them to set OMP_NUM_THREADS
if [ -n "''${SLURM_CPUS_PER_TASK-}" ] && [ -n "''${SLURM_THREADS_PER_CPU-}" ]; then
export OMP_NUM_THREADS=$(( SLURM_CPUS_PER_TASK * SLURM_THREADS_PER_CPU ))
fi
exec "$@"
'';
runEnv = version: buildFHSEnv
{
name = "vasp-nvidia-${version}";
targetPkgs = pkgs: with pkgs; [ zlib (vasp version) ];
runScript = startScript version;
};
in builtins.mapAttrs (version: _: runEnv version) sources

109
local/pkgs/vasp/nvidia/makefile.include-6.3.1 Normal file
View File

@@ -0,0 +1,109 @@
# Default precompiler options
CPP_OPTIONS = -DHOST=\"LinuxNV\" \
-DMPI -DMPI_BLOCK=8000 -Duse_collective \
-DscaLAPACK \
-DCACHE_SIZE=4000 \
-Davoidalloc \
-Dvasp6 \
-Duse_bse_te \
-Dtbdyn \
-Dqd_emulate \
-Dfock_dblbuf \
-D_OPENMP \
-D_OPENACC \
-DUSENCCL -DUSENCCLP2P -Duse_shmem -Dshmem_bcast_buffer -Dshmem_rproj
CPP = nvfortran -Mpreprocess -Mfree -Mextend -E $(CPP_OPTIONS) $*$(FUFFIX) > $*$(SUFFIX)
# N.B.: you might need to change the cuda-version here
# to one that comes with your NVIDIA-HPC SDK
FC = mpif90 -acc -gpu=@cudaCapabilities@ -mp
FCL = mpif90 -acc -gpu=@cudaCapabilities@ -mp -c++libs
FREE = -Mfree
FFLAGS = -Mbackslash -Mlarge_arrays
OFLAG = -fast
DEBUG = -Mfree -O0 -traceback
OBJECTS = fftmpiw.o fftmpi_map.o fftw3d.o fft3dlib.o
LLIBS = -cudalib=cublas,cusolver,cufft,nccl -cuda
# Redefine the standard list of O1 and O2 objects
SOURCE_O1 := pade_fit.o
SOURCE_O2 := pead.o
# For what used to be vasp.5.lib
CPP_LIB = $(CPP)
FC_LIB = nvfortran
CC_LIB = nvc -w
CFLAGS_LIB = -O
FFLAGS_LIB = -O1 -Mfixed
FREE_LIB = $(FREE)
OBJECTS_LIB = linpack_double.o getshmem.o
# For the parser library
CXX_PARS = nvc++ --no_warnings
##
## Customize as of this point! Of course you may change the preceding
## part of this file as well if you like, but it should rarely be
## necessary ...
##
# When compiling on the target machine itself , change this to the
# relevant target when cross-compiling for another architecture
VASP_TARGET_CPU ?= -tp=@nvhpcArch@
FFLAGS += $(VASP_TARGET_CPU)
# Specify your NV HPC-SDK installation (mandatory)
#... first try to set it automatically
NVROOT =$(shell which nvfortran | awk -F /compilers/bin/nvfortran '{ print $$1 }')
# If the above fails, then NVROOT needs to be set manually
#NVHPC ?= /opt/nvidia/hpc_sdk
#NVVERSION = 21.11
#NVROOT = $(NVHPC)/Linux_x86_64/$(NVVERSION)
## Improves performance when using NV HPC-SDK >=21.11 and CUDA >11.2
#OFLAG_IN = -fast -Mwarperf
#SOURCE_IN := nonlr.o
# Software emulation of quadruple precsion (mandatory)
QD ?= $(NVROOT)/compilers/extras/qd
LLIBS += -L$(QD)/lib -lqdmod -lqd
INCS += -I$(QD)/include/qd
# Intel MKL for FFTW, BLAS, LAPACK, and scaLAPACK
MKLROOT ?= /path/to/your/mkl/installation
LLIBS_MKL = -Mmkl -L$(MKLROOT)/lib -lmkl_scalapack_lp64 -lmkl_blacs_openmpi_lp64
INCS += -I$(MKLROOT)/include/fftw
# Use a separate scaLAPACK installation (optional but recommended in combination with OpenMPI)
# Comment out the two lines below if you want to use scaLAPACK from MKL instead
# SCALAPACK_ROOT ?= /path/to/your/scalapack/installation
# LLIBS_MKL = -L$(SCALAPACK_ROOT)/lib -lscalapack -Mmkl
LLIBS += $(LLIBS_MKL)
# HDF5-support (optional but strongly recommended)
CPP_OPTIONS+= -DVASP_HDF5
HDF5_ROOT ?= /path/to/your/hdf5/installation
LLIBS += -L$(HDF5_ROOT)/lib -lhdf5_fortran
INCS += -I$(HDF5_ROOT)/include
# For the VASP-2-Wannier90 interface (optional)
CPP_OPTIONS += -DVASP2WANNIER90
WANNIER90_ROOT ?= /path/to/your/wannier90/installation
LLIBS += -L$(WANNIER90_ROOT)/lib -lwannier
# For the fftlib library (hardly any benefit for the OpenACC GPU port, especially in combination with MKL's FFTs)
#CPP_OPTIONS+= -Dsysv
#FCL += fftlib.o
#CXX_FFTLIB = nvc++ -mp --no_warnings -std=c++11 -DFFTLIB_USE_MKL -DFFTLIB_THREADSAFE
#INCS_FFTLIB = -I./include -I$(MKLROOT)/include/fftw
#LIBS += fftlib
#LLIBS += -ldl

109
local/pkgs/vasp/nvidia/makefile.include-6.4.0 Normal file
View File

@@ -0,0 +1,109 @@
# Default precompiler options
CPP_OPTIONS = -DHOST=\"LinuxNV\" \
-DMPI -DMPI_INPLACE -DMPI_BLOCK=8000 -Duse_collective \
-DscaLAPACK \
-DCACHE_SIZE=4000 \
-Davoidalloc \
-Dvasp6 \
-Duse_bse_te \
-Dtbdyn \
-Dqd_emulate \
-Dfock_dblbuf \
-D_OPENMP \
-D_OPENACC \
-DUSENCCL -DUSENCCLP2P -Duse_shmem -Dshmem_bcast_buffer -Dshmem_rproj
CPP = nvfortran -Mpreprocess -Mfree -Mextend -E $(CPP_OPTIONS) $*$(FUFFIX) > $*$(SUFFIX)
# N.B.: you might need to change the cuda-version here
# to one that comes with your NVIDIA-HPC SDK
FC = mpif90 -acc -gpu=@cudaCapabilities@ -mp
FCL = mpif90 -acc -gpu=@cudaCapabilities@ -mp -c++libs
FREE = -Mfree
FFLAGS = -Mbackslash -Mlarge_arrays
OFLAG = -fast
DEBUG = -Mfree -O0 -traceback
OBJECTS = fftmpiw.o fftmpi_map.o fftw3d.o fft3dlib.o
LLIBS = -cudalib=cublas,cusolver,cufft,nccl -cuda
# Redefine the standard list of O1 and O2 objects
SOURCE_O1 := pade_fit.o minimax_dependence.o
SOURCE_O2 := pead.o
# For what used to be vasp.5.lib
CPP_LIB = $(CPP)
FC_LIB = nvfortran
CC_LIB = nvc -w
CFLAGS_LIB = -O
FFLAGS_LIB = -O1 -Mfixed
FREE_LIB = $(FREE)
OBJECTS_LIB = linpack_double.o getshmem.o
# For the parser library
CXX_PARS = nvc++ --no_warnings
##
## Customize as of this point! Of course you may change the preceding
## part of this file as well if you like, but it should rarely be
## necessary ...
##
# When compiling on the target machine itself , change this to the
# relevant target when cross-compiling for another architecture
VASP_TARGET_CPU ?= -tp=@nvhpcArch@
FFLAGS += $(VASP_TARGET_CPU)
# Specify your NV HPC-SDK installation (mandatory)
#... first try to set it automatically
NVROOT =$(shell which nvfortran | awk -F /compilers/bin/nvfortran '{ print $$1 }')
# If the above fails, then NVROOT needs to be set manually
#NVHPC ?= /opt/nvidia/hpc_sdk
#NVVERSION = 21.11
#NVROOT = $(NVHPC)/Linux_x86_64/$(NVVERSION)
## Improves performance when using NV HPC-SDK >=21.11 and CUDA >11.2
#OFLAG_IN = -fast -Mwarperf
#SOURCE_IN := nonlr.o
# Software emulation of quadruple precsion (mandatory)
QD ?= $(NVROOT)/compilers/extras/qd
LLIBS += -L$(QD)/lib -lqdmod -lqd
INCS += -I$(QD)/include/qd
# Intel MKL for FFTW, BLAS, LAPACK, and scaLAPACK
MKLROOT ?= /path/to/your/mkl/installation
LLIBS_MKL = -Mmkl -L$(MKLROOT)/lib -lmkl_scalapack_lp64 -lmkl_blacs_openmpi_lp64
INCS += -I$(MKLROOT)/include/fftw
# Use a separate scaLAPACK installation (optional but recommended in combination with OpenMPI)
# Comment out the two lines below if you want to use scaLAPACK from MKL instead
# SCALAPACK_ROOT ?= /path/to/your/scalapack/installation
# LLIBS_MKL = -L$(SCALAPACK_ROOT)/lib -lscalapack -Mmkl
LLIBS += $(LLIBS_MKL)
# HDF5-support (optional but strongly recommended)
CPP_OPTIONS+= -DVASP_HDF5
HDF5_ROOT ?= /path/to/your/hdf5/installation
LLIBS += -L$(HDF5_ROOT)/lib -lhdf5_fortran
INCS += -I$(HDF5_ROOT)/include
# For the VASP-2-Wannier90 interface (optional)
CPP_OPTIONS += -DVASP2WANNIER90
WANNIER90_ROOT ?= /path/to/your/wannier90/installation
LLIBS += -L$(WANNIER90_ROOT)/lib -lwannier
# For the fftlib library (hardly any benefit for the OpenACC GPU port, especially in combination with MKL's FFTs)
#CPP_OPTIONS+= -Dsysv
#FCL += fftlib.o
#CXX_FFTLIB = nvc++ -mp --no_warnings -std=c++11 -DFFTLIB_USE_MKL -DFFTLIB_THREADSAFE
#INCS_FFTLIB = -I./include -I$(MKLROOT)/include/fftw
#LIBS += fftlib
#LLIBS += -ldl

16
local/pkgs/vasp/source.nix Normal file
View File

@@ -0,0 +1,16 @@
{ requireFile }:
let
hashes =
{
# nix-store --query --hash $(nix store add-path ./vasp-6.4.0)
"6.3.1" = "1xdr5kjxz6v2li73cbx1ls5b1lnm6z16jaa4fpln7d3arnnr1mgx";
"6.4.0" = "189i1l5q33ynmps93p2mwqf5fx7p4l50sls1krqlv8ls14s3m71f";
};
sources = version: sha256: requireFile
{
name = "vasp-${version}";
inherit sha256;
hashMode = "recursive";
message = "Source file not found.";
};
in builtins.mapAttrs sources hashes

8
local/pkgs/vaspkit/default.nix
View File

@@ -7,15 +7,15 @@ let
hashMode = "recursive";
message = "POTCAR not found.";
};
unwrapped = stdenv.mkDerivation
unwrapped = stdenv.mkDerivation rec
{
pname = "vaspkit-unwrapped";
version = "1.4.1";
version = "1.5.1";
buildInputs = [ autoPatchelfHook stdenv.cc.cc ];
src = fetchurl
{
url = "mirror://sourceforge/vaspkit/Binaries/vaspkit.1.4.1.linux.x64.tar.gz";
sha256 = "0i5m7nbvqk7hzxisyydjvs2l8lnvj9vsxa170783kv9zmp51lnvs";
url = "mirror://sourceforge/vaspkit/Binaries/vaspkit.${version}.linux.x64.tar.gz";
sha256 = "1cbj1mv7vx18icwlk9d2vfavsfd653943xg2ywzd8b7pb43xrfs1";
};
installPhase =
''

7
modules/default.nix
View File

@@ -21,12 +21,9 @@ inputs:
[
topInputs.qchem.overlays.default
topInputs.nixd.overlays.default
topInputs.nix-alien.overlays.default
topInputs.napalm.overlays.default
topInputs.pnpm2nix-nzbr.overlays.default
topInputs.lmix.overlays.default
topInputs.aagl.overlays.default
(import "${topInputs.dguibert-nur-packages}/overlays/nvhpc-overlay")
(final: prev:
{
nix-vscode-extensions = topInputs.nix-vscode-extensions.extensions."${prev.system}";
@@ -35,8 +32,8 @@ inputs:
deploy-rs =
{ inherit (prev) deploy-rs; inherit ((topInputs.deploy-rs.overlay final prev).deploy-rs) lib; };
# needed by mirism
nghttp2-2305 =
inputs.pkgs.callPackage "${inputs.topInputs.nixpkgs-2305}/pkgs/development/libraries/nghttp2" {};
"nghttp2-23.05" =
inputs.pkgs.callPackage "${inputs.topInputs."nixpkgs-23.05"}/pkgs/development/libraries/nghttp2" {};
firefox-addons = (import "${topInputs.rycee}" { inherit (prev) pkgs; }).firefox-addons;
})
];

153
modules/hardware/default.nix
View File

@@ -1,6 +1,6 @@
inputs:
{
imports = inputs.localLib.mkModules [ ./legion.nix ];
imports = inputs.localLib.mkModules [ ./gpu.nix ./legion.nix ];
options.nixos.hardware = let inherit (inputs.lib) mkOption types; in
{
bluetooth.enable = mkOption { type = types.bool; default = false; };
@@ -8,15 +8,6 @@ inputs:
printer.enable = mkOption { type = types.bool; default = false; };
sound.enable = mkOption { type = types.bool; default = false; };
cpus = mkOption { type = types.listOf (types.enum [ "intel" "amd" ]); default = []; };
gpus = mkOption { type = types.listOf (types.enum [ "intel" "nvidia" "amd" ]); default = []; };
prime =
{
enable = mkOption { type = types.bool; default = false; };
mode = mkOption { type = types.enum [ "offload" "sync" ]; default = "offload"; };
busId = mkOption { type = types.attrsOf types.str; default = {}; };
};
gamemode.drmDevice = mkOption { type = types.int; default = 0; };
halo-keyboard.enable = mkOption { type = types.bool; default = false; };
};
config =
let
@@ -82,147 +73,5 @@ inputs:
concatLists (map (cpu: modules.${cpu}) hardware.cpus);
}
)
# gpus
(
mkIf (hardware.gpus != [])
{
boot.initrd.availableKernelModules =
let
modules =
{
intel = [ "i915" ];
nvidia = [ "nvidia" "nvidia_drm" "nvidia_modeset" "nvidia_uvm" ];
amd = [ "amdgpu" ];
};
in
concatLists (map (gpu: modules.${gpu}) hardware.gpus);
hardware =
{
opengl =
{
enable = true;
driSupport = true;
extraPackages =
with inputs.pkgs;
let
packages =
{
intel = [ intel-compute-runtime intel-media-driver libvdpau-va-gl ]; # intel-vaapi-driver
nvidia = [ vaapiVdpau ];
amd = [ amdvlk rocmPackages.clr rocmPackages.clr.icd ];
};
in
concatLists (map (gpu: packages.${gpu}) hardware.gpus);
driSupport32Bit = true;
};
nvidia = mkIf (builtins.elem "nvidia" hardware.gpus)
{
modesetting.enable = true;
powerManagement.enable = true;
dynamicBoost.enable = true;
nvidiaSettings = true;
package = inputs.config.boot.kernelPackages.nvidiaPackages.production;
};
};
}
)
(mkIf (builtins.elem "intel" hardware.gpus) { services.xserver.videoDrivers = [ "modesetting" ]; })
(mkIf (builtins.elem "amd" hardware.gpus) { services.xserver.videoDrivers = [ "modesetting" ]; })
# prime
(
mkIf hardware.prime.enable
{
hardware.nvidia = mkMerge
[
(
mkIf (hardware.prime.mode == "offload")
{
prime.offload = { enable = true; enableOffloadCmd = true; };
powerManagement = { finegrained = true; enable = true; };
}
)
(
mkIf (hardware.prime.mode == "sync")
{
prime = { sync.enable = true; };
# prime.forceFullCompositionPipeline = true;
}
)
{
prime = listToAttrs
(map (gpu: { inherit (gpu) value; name = "${gpu.name}BusId"; }) (attrsToList hardware.prime.busId));
}
];
}
)
{ programs.gamemode.settings.gpu.gpu_device = "${toString hardware.gamemode.drmDevice}"; }
# halo-keyboard
(mkIf hardware.halo-keyboard.enable
(
let
keyboard = inputs.pkgs.localPackages.chromiumos-touch-keyboard;
support = inputs.pkgs.localPackages.yoga-support;
in
{
services.udev.packages = [ keyboard support ];
systemd.services =
{
touch-keyboard-handler.serviceConfig =
{
Type = "simple";
WorkingDirectory = "/etc/touch_keyboard";
ExecStart = "${keyboard}/bin/touch_keyboard_handler";
};
yogabook-modes-handler.serviceConfig =
{
Type = "simple";
ExecStart = "${support}/bin/yogabook-modes-handler";
StandardOutput = "journal";
};
monitor-sensor =
{
wantedBy = [ "default.target" ];
serviceConfig =
{
Type = "simple";
ExecStart = "${inputs.pkgs.iio-sensor-proxy}/bin/monitor-sensor --hinge";
};
};
};
environment.etc."touch_keyboard".source = "${keyboard}/etc/touch_keyboard";
boot.initrd =
{
services.udev.packages = [ keyboard support ];
systemd =
{
extraBin =
{
touch_keyboard_handler = "${keyboard}/bin/touch_keyboard_handler";
yogabook-modes-handler = "${support}/bin/yogabook-modes-handler";
};
services =
{
touch-keyboard-handler =
{
serviceConfig =
{
Type = "simple";
WorkingDirectory = "/etc/touch_keyboard";
ExecStart = "${keyboard}/bin/touch_keyboard_handler";
};
};
yogabook-modes-handler.serviceConfig =
{
Type = "simple";
ExecStart = "${support}/bin/yogabook-modes-handler";
StandardOutput = "journal";
};
};
};
extraFiles."/etc/touch_keyboard".source = "${keyboard}/etc/touch_keyboard";
};
}
))
];
}

95
modules/hardware/gpu.nix Normal file
View File

@@ -0,0 +1,95 @@
inputs:
{
options.nixos.hardware.gpu = let inherit (inputs.lib) mkOption types; in
{
type = mkOption
{
type = types.nullOr (types.enum
[
# single gpu
"intel" "nvidia" "amd"
# hibrid gpu: use nvidia prime offload mode
"intel+nvidia" "amd+nvidia"
]);
default = null;
};
dynamicBoost = mkOption { type = types.bool; default = false; };
prime =
{
mode = mkOption { type = types.enum [ "offload" "sync" ]; default = "offload"; };
busId = mkOption { type = types.attrsOf types.nonEmptyStr; default = {}; };
};
};
config = let inherit (inputs.config.nixos.hardware) gpu; in inputs.lib.mkIf (gpu.type != null) (inputs.lib.mkMerge
[
# generic settings
(
let gpus = inputs.lib.strings.splitString "+" gpu.type; in
{
boot.initrd.availableKernelModules =
let modules =
{
intel = [ "i915" ];
nvidia = [ "nvidia" "nvidia_drm" "nvidia_modeset" ]; # nvidia-uvm should not be loaded
amd = [ "amdgpu" ];
};
in builtins.concatLists (builtins.map (gpu: modules.${gpu}) gpus);
hardware =
{
opengl =
{
enable = true;
driSupport = true;
driSupport32Bit = true;
extraPackages =
let packages = with inputs.pkgs;
{
intel = [ intel-vaapi-driver libvdpau-va-gl intel-media-driver ];
nvidia = [ vaapiVdpau ];
amd = [ amdvlk rocmPackages.clr rocmPackages.clr.icd ];
};
in builtins.concatLists (builtins.map (gpu: packages.${gpu}) gpus);
extraPackages32 =
let packages = { intel = []; nvidia = []; amd = [ inputs.pkgs.driversi686Linux.amdvlk ]; };
in builtins.concatLists (builtins.map (gpu: packages.${gpu}) gpus);
};
nvidia = inputs.lib.mkIf (builtins.elem "nvidia" gpus)
{
modesetting.enable = true;
powerManagement.enable = true;
dynamicBoost.enable = inputs.lib.mkIf gpu.dynamicBoost true;
nvidiaSettings = true;
forceFullCompositionPipeline = true;
# package = inputs.config.boot.kernelPackages.nvidiaPackages.production;
prime.allowExternalGpu = true;
};
};
boot =
{
kernelParams = inputs.lib.mkIf (builtins.elem "amd" gpus)
[ "radeon.cik_support=0" "amdgpu.cik_support=1" "radeon.si_support=0" "amdgpu.si_support=1" "iommu=pt" ];
blacklistedKernelModules = [ "nouveau" ];
};
environment.variables.VDPAU_DRIVER = inputs.lib.mkIf (builtins.elem "intel" gpus) "va_gl";
services.xserver.videoDrivers =
let driver = { intel = "modesetting"; amd = "amdgpu"; nvidia = "nvidia"; };
in builtins.map (gpu: driver.${gpu}) gpus;
}
)
# nvidia prime offload
(
inputs.lib.mkIf (inputs.lib.strings.hasSuffix "+nvidia" gpu.type) { hardware.nvidia =
{
prime =
{
offload = inputs.lib.mkIf (gpu.prime.mode == "offload") { enable = true; enableOffloadCmd = true; };
sync = inputs.lib.mkIf (gpu.prime.mode == "sync") { enable = true; };
}
// builtins.listToAttrs (builtins.map
(gpu: { name = "${if gpu.name == "amd" then "amdgpu" else gpu.name}BusId"; value = "PCI:${gpu.value}"; })
(inputs.localLib.attrsToList gpu.prime.busId));
powerManagement.finegrained = inputs.lib.mkIf (gpu.prime.mode == "offload") true;
};}
)
]);
}

11
modules/packages/desktop-fat/default.nix
View File

@@ -1,10 +1,6 @@
inputs:
{
imports = inputs.localLib.mkModules
[
./chromium.nix
./steam.nix
];
imports = inputs.localLib.mkModules [ ./steam.nix ];
config =
let
inherit (inputs.lib) mkIf;
@@ -17,7 +13,7 @@ inputs:
_packages =
[
# system management
etcher btrfs-assistant snapper-gui libsForQt5.qtstyleplugin-kvantum ventoy-full
etcher btrfs-assistant snapper-gui libsForQt5.qtstyleplugin-kvantum ventoy-full cpu-x
# password and key management
yubikey-manager yubikey-manager-qt yubikey-personalization yubikey-personalization-gui bitwarden
# download
@@ -28,7 +24,7 @@ inputs:
spotify yesplaymusic simplescreenrecorder imagemagick gimp netease-cloud-music-gtk vlc obs-studio
waifu2x-converter-cpp inkscape blender
# editor
localPackages.typora
typora
# themes
orchis-theme plasma-overdose-kde-theme materia-kde-theme graphite-kde-theme arc-kde-theme materia-theme
# news
@@ -43,6 +39,7 @@ inputs:
# office
crow-translate zotero pandoc ydict libreoffice-qt texstudio poppler_utils pdftk gnuplot pdfchain hdfview
(texlive.combine { inherit (texlive) scheme-full; inherit (localPackages) citation-style-language; })
nextcloud-client
# math, physics and chemistry
octaveFull root ovito localPackages.vesta localPackages.vaspkit localPackages.v-sim
] ++ (with inputs.lib; filter isDerivation (attrValues plasma5Packages.kdeGear));

3
modules/packages/desktop-fat/chromium.nix → modules/packages/desktop/chromium.nix
View File

@@ -3,8 +3,9 @@ inputs:
config =
let
inherit (inputs.lib) mkIf;
in mkIf (builtins.elem "desktop-fat" inputs.config.nixos.packages._packageSets)
in mkIf (builtins.elem "desktop" inputs.config.nixos.packages._packageSets)
{
programs.chromium = { enable = true; extraOpts.PasswordManagerEnabled = false; };
nixos.users.sharedModules =
[{
config.programs.chromium =

15
modules/packages/desktop/default.nix
View File

@@ -1,6 +1,6 @@
inputs:
{
imports = inputs.localLib.mkModules [ ./vscode.nix ./firefox.nix ];
imports = inputs.localLib.mkModules [ ./vscode.nix ./firefox.nix ./chromium.nix ./plasma ];
config =
let
inherit (inputs.lib) mkIf;
@@ -17,7 +17,7 @@ inputs:
''
#!${bash}/bin/bash
if [ "$XDG_SESSION_TYPE" = "x11" ]; then
exec ${xclip}/bin/xclip "$@"
exec ${xclip}/bin/xclip -sel clip "$@"
else
exec ${wl-clipboard-x11}/bin/xclip "$@"
fi
@@ -33,17 +33,6 @@ inputs:
tela-circle-icon-theme localPackages.win11os-kde localPackages.fluent-kde localPackages.blurred-wallpaper
localPackages.slate utterly-nord-plasma
];
users.sharedModules =
[(homeInputs: {
config.home.file = mkIf (!homeInputs.config.programs.plasma.enable)
{
".config/baloofilerc".text =
''
[Basic Settings]
Indexing-Enabled=false
'';
};
})];
};
programs =
{

16
modules/packages/desktop/firefox.nix
View File

@@ -17,23 +17,23 @@ inputs:
[
immersive-translate tampermonkey bitwarden cookies-txt dualsub firefox-color i-dont-care-about-cookies
metamask pakkujs switchyomega rsshub-radar rsspreview tabliss tree-style-tab ublock-origin wallabagger
wappalyzer grammarly
wappalyzer grammarly plasma-integration
(
buildFirefoxXpiAddon
buildFirefoxXpiAddon rec
{
pname = "zotero-connector";
version = "5.0.114";
version = "5.0.119";
addonId = "zotero@chnm.gmu.edu";
url = "https://download.zotero.org/connector/firefox/release/Zotero_Connector-5.0.114.xpi";
sha256 = "1g9d991m4vfj5x6r86sw754bx7r4qi8g5ddlqp7rcw6wrgydhrhw";
url = "https://download.zotero.org/connector/firefox/release/Zotero_Connector-${version}.xpi";
sha256 = "17yhkp5nrx325q3amlasb4nsw0bldm8i2i9fh8ql2hwj8fmy25mr";
meta = {};
}
)
];
search = { default = "Google"; force = true; };
userChrome = builtins.concatStringsSep "\n" (builtins.map
(file: builtins.readFile "${inputs.topInputs.cascade}/chrome/includes/cascade-${file}.css")
[ "config-mouse" "colours" "layout" "responsive" "floating-panel" "nav-bar" "tabs" ]);
userChrome = builtins.readFile "${inputs.topInputs.lepton}/userChrome.css";
userContent = builtins.readFile "${inputs.topInputs.lepton}/userContent.css";
extraConfig = builtins.readFile "${inputs.topInputs.lepton}/user.js";
settings =
{
# general

98
modules/packages/desktop/plasma/default.nix Normal file
View File

@@ -0,0 +1,98 @@
inputs:
{
imports = inputs.localLib.mkModules [ ./konsole.nix ];
config.nixos.users.sharedModules = inputs.lib.mkIf inputs.config.nixos.system.gui.enable
[{
config.programs.plasma = inputs.lib.mkMerge
[
# TODO: autostart, panel, discard user changed settings
# general
{
enable = true;
configFile.plasma-localerc = { Formats.LANG = "en_US.UTF-8"; Translations.LANGUAGE = "zh_CN"; };
}
# kwin
{
kwin.titlebarButtons =
{
right = [ "help" "keep-below-windows" "keep-above-windows" "minimize" "maximize" "close" ];
left = [ "more-window-actions" ];
};
windows.allowWindowsToRememberPositions = false;
configFile =
{
plasmanotifyrc.Notifications.PopupPosition = "BottomRight";
kwinrc =
{
Tiling.padding = 4;
Wayland."InputMethod[$e]" = "/run/current-system/sw/share/applications/org.fcitx.Fcitx5.desktop";
Windows.RollOverDesktops = true;
Compositing = { AllowTearing = false; WindowsBlockCompositing = false; };
};
};
}
# baloo
{ configFile.baloofilerc."Basic Settings".Indexing-Enabled = false; }
# dolphin and file chooser
{
configFile =
{
dolphinrc =
{
General = { ShowFullPath = true; FilterBar = true; RememberOpenedTabs = false; };
PreviewSettings.Plugins = builtins.concatStringsSep ","
[
"blenderthumbnail"
"comicbookthumbnail"
"djvuthumbnail"
"ebookthumbnail"
"exrthumbnail"
"marble_thumbnail_geojson"
"marble_thumbnail_gpx"
"jpegthumbnail"
"marble_thumbnail_kmz"
"marble_thumbnail_kml"
"kraorathumbnail"
"windowsimagethumbnail"
"windowsexethumbnail"
"mltpreview"
"mobithumbnail"
"opendocumentthumbnail"
"marble_thumbnail_osm"
"palathumbcreator"
"gsthumbnail"
"rawthumbnail"
"svgthumbnail"
"imagethumbnail"
"fontthumbnail"
"directorythumbnail"
"textthumbnail"
"webarchivethumbnail"
"ffmpegthumbs"
"audiothumbnail"
];
};
kdeglobals."KFileDialog Settings" =
{
"Allow Expansion" = true;
"Automatically select filename extension" = true;
"Show Bookmarks" = true;
"Show Full Path" = true;
"Show Inline Previews" = true;
"Show Preview" = true;
"Show Speedbar" = true;
"Show hidden files" = true;
"Sort by" = "Name";
"Sort directories first" = true;
"Sort hidden files last" = true;
"View Style" = "DetailTree";
};
};
}
# krunner
{ configFile.krunnerrc = { General.FreeFloating = true; Plugins.baloosearchEnabled = false; }; }
# lock screen
{ configFile.kscreenlockerrc.Daemon.Autolock = false; }
];
}];
}

84
modules/packages/desktop/plasma/konsole.nix Normal file
View File

@@ -0,0 +1,84 @@
inputs:
{
config = inputs.lib.mkIf inputs.config.nixos.system.gui.enable
{
nixos.users.sharedModules =
[(hmInputs: {
config =
{
programs.plasma =
{
overrideConfig = true;
overrideConfigFiles = [ "konsolerc" "yakuakerc" ];
configFile =
{
yakuakerc =
{
Appearance =
{
HideSkinBorders = true;
Skin = "Slate";
Translucency = true;
};
"Desktop Entry".DefaultProfile = "plasma-manager.profile";
Dialogs.FirstRun = false;
Window =
{
KeepOpen = false;
KeepOpenAfterLastSessionCloses = true;
ShowSystrayIcon = false;
};
};
konsolerc =
{
"Desktop Entry".DefaultProfile = "plasma-manager.profile";
"MainWindow.Toolbar sessionToolbar".ToolButtonStyle = "IconOnly";
};
};
dataFile."konsole/plasma-manager.profile" =
{
Appearance =
{
AntiAliasFonts = true;
BoldIntense = true;
ColorScheme = "Breeze";
Font = "FiraCode Nerd Font Mono,10,-1,5,50,0,0,0,0,0";
UseFontLineChararacters = true;
WordModeAttr = false;
};
"Cursor Options".CursorShape = 1;
General =
{
Name = "plasma-manager";
Parent = "FALLBACK/";
TerminalCenter = true;
TerminalMargin = 1;
};
"Interaction Options" =
{
AutoCopySelectedText = true;
TrimLeadingSpacesInSelectedText = true;
TrimTrailingSpacesInSelectedText = true;
UnderlineFilesEnabled = true;
};
Scrolling =
{
HistoryMode = 2;
ReflowLines = false;
};
"Terminal Features".BlinkingCursorEnabled = true;
};
};
home.file.".local/share/konsole/Breeze.colorscheme".text = builtins.replaceStrings
[ "Opacity=1" ] [ "Opacity=0.9\nBlur=true" ]
(builtins.readFile "${inputs.pkgs.konsole}/share/konsole/Breeze.colorscheme");
};
})];
environment.persistence =
let impermanence = inputs.config.nixos.system.impermanence;
in inputs.lib.mkIf impermanence.enable (inputs.lib.mkMerge (builtins.map
(user:
{ "${impermanence.root}".users.${user}.directories = [ ".local/share/konsole" ".local/share/yakuake" ]; })
inputs.config.nixos.users.users));
};
}

3
modules/packages/desktop/vscode.nix
View File

@@ -22,7 +22,7 @@ inputs:
])
++ (with ms-vscode;
[
cmake-tools cpptools cpptools-extension-pack cpptools-themes hexeditor remote-explorer
(cmake-tools.overrideAttrs { sourceRoot = "extension"; }) cpptools cpptools-extension-pack cpptools-themes hexeditor remote-explorer
test-adapter-converter
])
++ (with ms-vscode-remote; [ remote-ssh remote-containers remote-ssh-edit ])
@@ -46,6 +46,7 @@ inputs:
shd101wyy.markdown-preview-enhanced
# vasp
mystery.vasp-support
yutengjing.open-in-external-app
];
}
)];

6
modules/packages/server/default.nix
View File

@@ -45,16 +45,16 @@ inputs:
# networking
ipset iptables iproute2 dig nettools traceroute tcping-go whois tcpdump nmap inetutils wireguard-tools
# nix tools
nix-output-monitor nix-tree ssh-to-age
nix-output-monitor nix-tree ssh-to-age (callPackage "${inputs.topInputs.nix-fast-build}" {})
# office
todo-txt-cli
todo-txt-cli pdfgrep
# development
gdb try inputs.topInputs.plasma-manager.packages.x86_64-linux.rc2nix hexo-cli
] ++ (with inputs.config.boot.kernelPackages; [ cpupower usbip ]);
_pythonPackages = [(pythonPackages: with pythonPackages;
[
openai python-telegram-bot fastapi pypdf2 pandas matplotlib plotly gunicorn redis jinja2
certifi charset-normalizer idna orjson psycopg2 inquirerpy requests tqdm
certifi charset-normalizer idna orjson psycopg2 inquirerpy requests tqdm pydbus
])];
};
users.sharedModules = [(home-inputs:

15
modules/packages/server/ssh/default.nix
View File

@@ -44,7 +44,7 @@ inputs:
surface =
{
ed25519 = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIFdm3DcfHdcLP0oSpVrWwIZ/b9lZuakBSPwCFz2BdTJ7";
hostnames = [ "192.168.1.166" ];
hostnames = [ "192.168.1.166" "wireguard.surface.chn.moe" "192.168.83.5" ];
};
pc =
{
@@ -61,6 +61,11 @@ inputs:
ed25519 = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOMqqnkVzrm0SdG6UOoqKLsabgH5C9okWi0dh2l9GKJl";
hostnames = [ "github.com" ];
};
xmupc1 =
{
ed25519 = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAINTvfywkKRwMrVp73HfHTfjhac2Tn9qX/lRjLr09ycHp";
hostnames = [ "[office.chn.moe]:6007" "[xmupc1.chn.moe]:6007" "wireguard.xmupc1.chn.moe" "192.168.83.6" ];
};
};
in listToAttrs (concatLists (map
(server:
@@ -121,7 +126,10 @@ inputs:
(
(builtins.map
(host: { name = host; value = { inherit host; hostname = "${host}.chn.moe"; }; })
[ "vps6" "wireguard.vps6" "vps7" "wireguard.vps7" "wireguard.pc" "wireguard.nas" ])
[
"vps6" "wireguard.vps6" "vps7" "wireguard.vps7" "wireguard.pc" "wireguard.nas" "wireguard.surface"
"wireguard.xmupc1"
])
++ (builtins.map
(host:
{
@@ -140,6 +148,9 @@ inputs:
usernameMap =
{
chn = "linwei/chn";
xll = "linwei/Xll";
yjq = "linwei/yjq";
gb = "kangjunyong/gongbin";
};
cdString =
if host == "jykang" && (usernameMap ? ${hmInputs.config.home.username}) then

1
modules/packages/server/ssh/xmupc1_rsa.pub Normal file
View File

@@ -0,0 +1 @@
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQDVbOvoFVaGkqYzIWsmMFlpkE+TDAONOWWaJBQ0K4fiOLy7uh02b/jYNZrbllPDP+Gq+ikYEJnJX2ceDsh9mLtJTznBQXgJOMUZDYy0enu7hYLKMmRTgJntzHjMbZENMhP+I3N9JnQ1PQz7lICg1xkEBQm2CESYCCjo0rJKYplPH1bo02myEazKlKTn6tu40ysrYOoJO8+jwbUDqtWATjSZtgYojuh6dbIoK3O+Ntgwl4W0NqXEqXYXTWpU0qKOqAsP/9F9WJ5d1wVNNbvmcAJ26dkYaiPCNgW4MGTucAgoxM6IPVVj9U+OEZLoCPsqAGCT02vH5MoDNTmGaSv0DjuYOzz5C+jAhMCznXFXCI4bfawvuda/WwGIniB5iKNSBZt3XxYyUw4YBcVCNiWUt9bIgEvnR4E8HYHdjNrbQ0Z58L6DcPSySLQer7C658Vo/nRUlBq6lIWYhcdjxHHkP9iFtuFW1HmoUKkuaLl+uiflrSppX9wt8eaPwGgGIHkLwgc=

111
modules/packages/server/zsh/default.nix
View File

@@ -5,62 +5,67 @@ inputs:
inherit (inputs.lib) mkIf;
in mkIf (builtins.elem "server" inputs.config.nixos.packages._packageSets)
{
nixos.users.sharedModules = [(home-inputs: { config.programs.zsh =
nixos.users.sharedModules = [(home-inputs: { config.programs =
{
enable = true;
initExtraBeforeCompInit =
''
# p10k instant prompt
P10K_INSTANT_PROMPT="$XDG_CACHE_HOME/p10k-instant-prompt-''${(%):-%n}.zsh"
[[ ! -r "$P10K_INSTANT_PROMPT" ]] || source "$P10K_INSTANT_PROMPT"
HYPHEN_INSENSITIVE="true"
export PATH=~/bin:$PATH
function br
{
local cmd cmd_file code
cmd_file=$(mktemp)
if broot --outcmd "$cmd_file" "$@"; then
cmd=$(<"$cmd_file")
command rm -f "$cmd_file"
eval "$cmd"
else
code=$?
command rm -f "$cmd_file"
return "$code"
fi
}
alias todo="todo.sh"
'';
plugins =
[
{
file = "powerlevel10k.zsh-theme";
name = "powerlevel10k";
src = "${inputs.pkgs.zsh-powerlevel10k}/share/zsh-powerlevel10k";
}
{
file = "p10k.zsh";
name = "powerlevel10k-config";
src = ./p10k-config;
}
{
name = "zsh-lsd";
src = inputs.pkgs.fetchFromGitHub
{
owner = "z-shell";
repo = "zsh-lsd";
rev = "65bb5ac49190beda263aae552a9369127961632d";
hash = "sha256-JSNsfpgiqWhtmGQkC3B0R1Y1QnDKp9n0Zaqzjhwt7Xk=";
};
}
];
history =
zsh =
{
path = "${home-inputs.config.xdg.dataHome}/zsh/zsh_history";
extended = true;
save = 100000000;
size = 100000000;
enable = true;
initExtraBeforeCompInit =
''
# p10k instant prompt
P10K_INSTANT_PROMPT="$XDG_CACHE_HOME/p10k-instant-prompt-''${(%):-%n}.zsh"
[[ ! -r "$P10K_INSTANT_PROMPT" ]] || source "$P10K_INSTANT_PROMPT"
HYPHEN_INSENSITIVE="true"
export PATH=~/bin:$PATH
function br
{
local cmd cmd_file code
cmd_file=$(mktemp)
if broot --outcmd "$cmd_file" "$@"; then
cmd=$(<"$cmd_file")
command rm -f "$cmd_file"
eval "$cmd"
else
code=$?
command rm -f "$cmd_file"
return "$code"
fi
}
alias todo="todo.sh"
'';
plugins =
[
{
file = "powerlevel10k.zsh-theme";
name = "powerlevel10k";
src = "${inputs.pkgs.zsh-powerlevel10k}/share/zsh-powerlevel10k";
}
{
file = "p10k.zsh";
name = "powerlevel10k-config";
src = ./p10k-config;
}
{
name = "zsh-lsd";
src = inputs.pkgs.fetchFromGitHub
{
owner = "z-shell";
repo = "zsh-lsd";
rev = "65bb5ac49190beda263aae552a9369127961632d";
hash = "sha256-JSNsfpgiqWhtmGQkC3B0R1Y1QnDKp9n0Zaqzjhwt7Xk=";
};
}
];
history =
{
path = "${home-inputs.config.xdg.dataHome}/zsh/zsh_history";
extended = true;
save = 100000000;
size = 100000000;
};
};
# set bash history file path, avoid overwriting zsh history
bash = { enable = true; historyFile = "${home-inputs.config.xdg.dataHome}/bash/bash_history"; };
};})];
programs.zsh =
{

44
modules/packages/workstation/default.nix
View File

@@ -14,9 +14,9 @@ inputs:
# password and key management
electrum jabref
# system management
wl-mirror
wl-mirror nvtop
# nix tools
nix-template nil nix-alien pnpm-lock-export bundix
nix-template nil pnpm-lock-export bundix
# instant messager
qq nur-xddxdd.wechat-uos cinny-desktop nheko
# development
@@ -28,26 +28,23 @@ inputs:
# text editor
appflowy notion-app-enhanced joplin-desktop standardnotes logseq
# math, physics and chemistry
mathematica paraview localPackages.vasp jmol # qchem.quantum-espresso
mathematica paraview jmol mpi localPackages.mumax quantum-espresso
# encryption and password management
john crunch hashcat
# container and vm
genymotion # davinci-resolve playonlinux
genymotion davinci-resolve playonlinux
# browser
microsoft-edge
microsoft-edge tor-browser
# news
rssguard newsflash newsboat
yuzu-early-access
];
]
++ (builtins.concatLists (builtins.map
(compiler: builtins.map (version: localPackages.vasp.${compiler}.${version}) [ "6.3.1" "6.4.0" ])
[ "gnu" "nvidia" ]));
_pythonPackages = [(pythonPackages: with pythonPackages;
[
phonopy tensorflow keras scipy scikit-learn jupyterlab autograd # localPackages.pix2tex
])];
_prebuildPackages =
[
httplib magic-enum xtensor boost cereal cxxopts ftxui yaml-cpp gfortran gcc10 python2
gcc13Stdenv
];
};
users.sharedModules =
[{
@@ -68,29 +65,6 @@ inputs:
anime-game-launcher = { enable = true; package = inputs.pkgs.anime-game-launcher; };
honkers-railway-launcher = { enable = true; package = inputs.pkgs.honkers-railway-launcher; };
nix-ld.enable = true;
gamemode =
{
enable = true;
settings =
{
general.renice = 10;
gpu =
{
apply_gpu_optimisations = "accept-responsibility";
nv_powermizer_mode = 1;
};
custom = let notify-send = "${inputs.pkgs.libnotify}/bin/notify-send"; in
{
start = "${notify-send} 'GameMode started'";
end = "${notify-send} 'GameMode ended'";
};
};
};
chromium =
{
enable = true;
extraOpts.PasswordManagerEnabled = false;
};
};
};
}

3
modules/services/default.nix
View File

@@ -40,6 +40,9 @@ inputs:
./fail2ban.nix
./wireguard.nix
./akkoma.nix
./gamemode.nix
./vikunja.nix
./slurm.nix
];
options.nixos.services = let inherit (inputs.lib) mkOption types; in
{

11
modules/services/fontconfig.nix
View File

@@ -14,13 +14,16 @@ inputs:
{
fontDir.enable = true;
packages = with inputs.pkgs;
[ noto-fonts source-han-sans source-han-serif source-code-pro hack-font jetbrains-mono nerdfonts ];
[
noto-fonts source-han-sans source-han-serif source-code-pro hack-font jetbrains-mono nerdfonts hack-font inter
noto-fonts-color-emoji roboto sarasa-gothic source-han-mono wqy_microhei wqy_zenhei
];
fontconfig.defaultFonts =
{
emoji = [ "Noto Color Emoji" ];
monospace = [ "Noto Sans Mono CJK SC" "Sarasa Mono SC" "DejaVu Sans Mono"];
sansSerif = [ "Noto Sans CJK SC" "Source Han Sans SC" "DejaVu Sans" ];
serif = [ "Noto Serif CJK SC" "Source Han Serif SC" "DejaVu Serif" ];
monospace = [ "Hack" "Source Han Mono SC" ];
sansSerif = [ "Inter" "Liberation Sans" "Source Han Sans SC" ];
serif = [ "Liberation Serif" "Source Han Serif SC" ];
};
};
nixos.users.sharedModules = [{ config.xdg.configFile."fontconfig/conf.d/10-hm-fonts.conf".force = true; }];

30
modules/services/gamemode.nix Normal file
View File

@@ -0,0 +1,30 @@
inputs:
{
options.nixos.services.gamemode = let inherit (inputs.lib) mkOption types; in
{
enable = mkOption { type = types.bool; default = false; };
drmDevice = mkOption { type = types.int; };
};
config = let inherit (inputs.config.nixos.services) gamemode; in inputs.lib.mkIf gamemode.enable
{
programs.gamemode =
{
enable = true;
settings =
{
general.renice = 10;
gpu =
{
apply_gpu_optimisations = "accept-responsibility";
nv_powermizer_mode = 1;
gpu_device = builtins.toString gamemode.drmDevice;
};
custom = let notify-send = "${inputs.pkgs.libnotify}/bin/notify-send"; in
{
start = "${notify-send} 'GameMode started'";
end = "${notify-send} 'GameMode ended'";
};
};
};
};
}

2
modules/services/misskey.nix
View File

@@ -114,7 +114,7 @@ inputs:
apiKey: ${placeholder."meilisearch/misskey-${instance.name}"}
ssl: false
index: misskey
scope: globa
scope: global
'' else "");
owner = inputs.config.users.users."misskey-${instance.name}".name;
};

16
modules/services/nextcloud.nix
View File

@@ -52,20 +52,26 @@ inputs:
# nix-prefetch-url --unpack
maps = inputs.pkgs.fetchNextcloudApp
{
url = githubRelease "nextcloud/maps" "v1.1.1/maps-1.1.1.tar.gz";
url = githubRelease "nextcloud/maps" "v1.3.1/maps-1.3.1.tar.gz";
sha256 = "1rcmqnm5364h5gaq1yy6b6d7k17napgn0yc9ymrnn75bps9s71v9";
license = "agpl3";
};
phonetrack = inputs.pkgs.fetchNextcloudApp
{
url = githubRelease "julien-nc/phonetrack" "v0.7.6/phonetrack-0.7.6.tar.gz";
sha256 = "1p15vw7c5c1h08czyxi1r6svjd5hjmnc0i6is4vl3xq2kfjmcyyx";
url = githubRelease "julien-nc/phonetrack" "v0.7.7/phonetrack-0.7.7.tar.gz";
sha256 = "1xvdmb2wlcldv8lk4jb8akhi80w26m2jpazfcz641frjm333kxch";
license = "agpl3";
};
twofactor_webauthn = inputs.pkgs.fetchNextcloudApp
{
url = githubRelease "nextcloud-releases/twofactor_webauthn" "v1.3.0/twofactor_webauthn-v1.3.0.tar.gz";
sha256 = "0z6m2chq5kxc8f10g6n1lh51yi10svy2qp5gp0v8xs71apqcc2wx";
url = githubRelease "nextcloud-releases/twofactor_webauthn" "v1.3.2/twofactor_webauthn-v1.3.2.tar.gz";
sha256 = "1p4ng7nprlcgw7sdfd7wqx5az86a856f1v470lahg2nfbx3fg296";
license = "agpl3";
};
calendar = inputs.pkgs.fetchNextcloudApp
{
url = githubRelease "nextcloud-releases/calendar" "v4.6.5/calendar-v4.6.5.tar.gz";
sha256 = "18mi6ccq640jq21hmir35v2967h07bjv226072d9qz5qkzkmrhss";
license = "agpl3";
};
};

114
modules/services/slurm.nix Normal file
View File

@@ -0,0 +1,114 @@
inputs:
{
options.nixos.services.slurm = let inherit (inputs.lib) mkOption types; in
{
enable = mkOption { type = types.bool; default = false; };
cpu =
{
cores = mkOption { type = types.ints.unsigned; };
threads = mkOption { type = types.ints.unsigned; default = 1; };
};
memoryMB = mkOption { type = types.ints.unsigned; };
gpus = mkOption { type = types.attrsOf types.ints.unsigned; };
};
config = let inherit (inputs.config.nixos.services) slurm; in inputs.lib.mkIf slurm.enable
{
services =
{
slurm =
{
server.enable = true;
package = (inputs.pkgs.slurm.override { enableGtk2 = true; }).overrideAttrs
(prev: let inherit (inputs.pkgs.cudaPackages) cuda_nvml_dev; in
{
buildInputs = prev.buildInputs ++ [ cuda_nvml_dev ];
LDFLAGS = [ "-L${cuda_nvml_dev}/lib/stubs" ];
nativeBuildInputs = prev.nativeBuildInputs ++ [ inputs.pkgs.wrapGAppsHook ];
});
clusterName = inputs.config.nixos.system.networking.hostname;
dbdserver =
{
enable = true;
dbdHost = "localhost";
storagePassFile = inputs.config.sops.secrets."slurm/db".path;
extraConfig =
''
StorageHost=*
StorageLoc=slurm
'';
};
client.enable = true;
controlMachine = "localhost";
nodeName =
let gpuString = builtins.concatStringsSep "," (builtins.map
(gpu: "gpu:${gpu.name}:${builtins.toString gpu.value}")
(inputs.localLib.attrsToList slurm.gpus));
in inputs.lib.singleton (builtins.concatStringsSep " "
[
"localhost"
"RealMemory=${builtins.toString slurm.memoryMB}"
"Sockets=1"
"CoresPerSocket=${builtins.toString slurm.cpu.cores}"
"ThreadsPerCore=${builtins.toString slurm.cpu.threads}"
"Gres=${gpuString}"
"State=UNKNOWN"
]);
partitionName = [ "localhost Nodes=localhost Default=YES MaxTime=INFINITE State=UP" ];
procTrackType = "proctrack/cgroup";
extraConfig =
let taskProlog =
''
echo export CUDA_DEVICE_ORDER=PCI_BUS_ID
echo export SLURM_THREADS_PER_CPU=${builtins.toString slurm.cpu.threads}
'';
in
''
SelectType=select/cons_tres
SelectTypeParameters=CR_Core
GresTypes=gpu
TaskProlog=${inputs.pkgs.writeShellScript "set_env" taskProlog}
AccountingStorageType=accounting_storage/slurmdbd
AccountingStorageHost=localhost
AccountingStoreFlags=job_comment,job_env,job_extra,job_script
JobCompType=jobcomp/filetxt
JobCompLoc=/var/log/slurmctld/jobcomp.log
SchedulerParameters=enable_user_top
SlurmdDebug=debug2
'';
extraConfigPaths =
let gpuString = builtins.concatStringsSep "\n" (builtins.map
(gpu: "Name=gpu Type=${gpu.name} Count=${builtins.toString gpu.value}")
(inputs.localLib.attrsToList slurm.gpus));
in [(inputs.pkgs.writeTextDir "gres.conf" "AutoDetect=nvml\n${gpuString}")];
};
munge = { enable = true; password = inputs.config.sops.secrets."munge.key".path; };
};
systemd =
{
services.slurmd.environment =
{
CUDA_PATH = "${inputs.pkgs.cudatoolkit}";
LD_LIBRARY_PATH = "${inputs.config.hardware.nvidia.package}/lib";
};
tmpfiles.rules = [ "d /var/log/slurmctld 700 slurm slurm" ];
};
sops =
{
secrets =
{
"munge.key" =
{
format = "binary";
sopsFile = "${builtins.dirOf inputs.config.sops.defaultSopsFile}/munge.key";
owner = inputs.config.systemd.services.munged.serviceConfig.User;
};
"slurm/db" = { owner = "slurm"; key = "mariadb/slurm"; };
};
};
nixos.services.mariadb = { enable = true; instances.slurm = {}; };
};
}

44
modules/services/vikunja.nix Normal file
View File

@@ -0,0 +1,44 @@
inputs:
{
options.nixos.services.vikunja = let inherit (inputs.lib) mkOption types; in
{
enable = mkOption { type = types.bool; default = false; };
autoStart = mkOption { type = types.bool; default = true; };
port = mkOption { type = types.ints.unsigned; default = 3456; };
hostname = mkOption { type = types.nonEmptyStr; default = "vikunja.chn.moe"; };
};
config = let inherit (inputs.config.nixos.services) vikunja; in inputs.lib.mkIf vikunja.enable
{
services.vikunja =
{
enable = true;
environmentFiles = [ inputs.config.sops.templates."vikunja.env".path ];
settings =
{
service.timezone = "Asia/Shanghai";
mailer = { enable = true; host = "mail.chn.moe"; username = "bot@chn.moe"; fromemail = "bot@chn.moe"; };
defaultsettings.discoverable_by_email = true;
};
inherit (vikunja) port;
frontendScheme = "https";
frontendHostname = vikunja.hostname;
database.type = "postgres";
};
sops =
{
templates."vikunja.env".content = let placeholder = inputs.config.sops.placeholder; in
''
VIKUNJA_SERVICE_JWTSECRET=${placeholder."vikunja/jwtsecret"}
VIKUNJA_DATABASE_PASSWORD=${placeholder."postgresql/vikunja"}
VIKUNJA_MAILER_PASSWORD=${placeholder."mail/bot"}
'';
secrets = { "vikunja/jwtsecret" = {}; "mail/bot" = {}; };
};
systemd.services.vikunja-api.enable = vikunja.autoStart;
nixos.services =
{
postgresql = { enable = true; instances.vikunja = {}; };
nginx = { enable = true; https.${vikunja.hostname}.global.configName = vikunja.hostname; };
};
};
}

4
modules/services/wireguard.nix
View File

@@ -52,7 +52,7 @@ inputs:
publicKey = peer.publicKey;
allowedIPs = [ (if peer.lighthouse then "192.168.83.0/24" else "${peer.wireguardIp}/32") ];
endpoint = mkIf (!peer.behindNat) "${peer.listenIp}:${builtins.toString peer.listenPort}";
persistentKeepalive = 3;
persistentKeepalive = mkIf peer.lighthouse 5;
})
(map
(peer: inputs.topInputs.self.nixosConfigurations.${peer}.config.nixos.services.wireguard)
@@ -72,7 +72,7 @@ inputs:
wantedBy = [ "multi-user.target" ];
serviceConfig =
{
ExecStart = "${inputs.pkgs.iputils}/bin/ping -i 3 ${peer.value.wireguardIp}";
ExecStart = "${inputs.pkgs.iputils}/bin/ping -i 5 ${peer.value.wireguardIp}";
Restart = "always";
};
};

30
modules/services/xray.nix
View File

@@ -261,24 +261,18 @@ inputs:
"${iptables} -t mangle -A OUTPUT -j v2ray_mark -w"
]
++ (map (action: "${iptables} -t mangle -A v2ray_mark ${action} -w")
(
(if inputs.config.nixos.system.networking.nebula.enable then
let user = inputs.config.systemd.services."nebula@nebula".serviceConfig.User;
in [ "-m owner --uid-owner $(id -u ${user}) -j RETURN" ]
else [])
++ [
"-m owner --uid-owner $(id -u v2ray) -j RETURN"
"-m set --match-set noproxy_src_net src -j RETURN"
"-m set --match-set xmu_net dst -p tcp -j MARK --set-mark 1/1"
"-m set --match-set xmu_net dst -p udp -j MARK --set-mark 1/1"
"-m set --match-set noproxy_net dst -j RETURN"
"-m set --match-set proxy_net dst -p tcp -j MARK --set-mark 1/1"
"-m set --match-set proxy_net dst -p udp -j MARK --set-mark 1/1"
"-m set --match-set lo_net dst -j RETURN"
"-p tcp -j MARK --set-mark 1/1"
"-p udp -j MARK --set-mark 1/1"
]
))
[
"-m owner --uid-owner $(id -u v2ray) -j RETURN"
"-m set --match-set noproxy_src_net src -j RETURN"
"-m set --match-set xmu_net dst -p tcp -j MARK --set-mark 1/1"
"-m set --match-set xmu_net dst -p udp -j MARK --set-mark 1/1"
"-m set --match-set noproxy_net dst -j RETURN"
"-m set --match-set proxy_net dst -p tcp -j MARK --set-mark 1/1"
"-m set --match-set proxy_net dst -p udp -j MARK --set-mark 1/1"
"-m set --match-set lo_net dst -j RETURN"
"-p tcp -j MARK --set-mark 1/1"
"-p udp -j MARK --set-mark 1/1"
])
++ [
"${ip} rule add fwmark 1/1 table 100"
"${ip} route add local 0.0.0.0/0 dev lo table 100"

27
modules/services/xrdp.nix
View File

@@ -5,6 +5,11 @@ inputs:
enable = mkOption { type = types.bool; default = false; };
port = mkOption { type = types.ints.unsigned; default = 3389; };
hostname = mkOption { type = types.nullOr (types.nonEmptyListOf types.nonEmptyStr); default = null; };
optimise =
{
type = mkOption { type = types.nullOr (types.enum [ "nvidia" "glamor" ]); default = null; };
nvidiaBusId = mkOption { type = types.nullOr types.nonEmptyStr; default = null; };
};
};
config =
let
@@ -12,9 +17,29 @@ inputs:
inherit (inputs.config.nixos.services) xrdp;
in mkIf xrdp.enable (mkMerge
[
{
assertions =
[
{
assertion = !inputs.config.nixos.system.envfs.enable;
message = "Somehow xrdp could not start if envfs is enabled";
}
{
assertion = (xrdp.optimise.type == "nvidia") -> (xrdp.optimise.nvidiaBusId != null);
message = "nvidiaBusId must be set if optimise type is nvidia";
}
];
}
{
services.xrdp =
{ enable = true; port = xrdp.port; openFirewall = true; defaultWindowManager = "startplasma-x11"; };
{
enable = true;
package = mkIf (xrdp.optimise.type != null)
(inputs.pkgs.xrdp.override { variant = xrdp.optimise.type; inherit (xrdp.optimise) nvidiaBusId; });
port = xrdp.port;
openFirewall = true;
defaultWindowManager = "${inputs.pkgs.plasma-workspace}/bin/startplasma-x11";
};
}
(
mkIf (xrdp.hostname != null)

12
modules/system/binfmt.nix Normal file
View File

@@ -0,0 +1,12 @@
inputs:
{
options.nixos.system.binfmt = let inherit (inputs.lib) mkOption types; in
{
enable = mkOption { type = types.bool; default = true; };
};
config = inputs.lib.mkIf inputs.config.nixos.system.binfmt.enable
{
programs.java = { enable = true; binfmt = true; };
boot.binfmt.emulatedSystems = [ "aarch64-linux" "x86_64-windows" ];
};
}

39
modules/system/default.nix
View File

@@ -6,21 +6,22 @@ inputs:
./fileSystems
./grub.nix
./initrd.nix
./kernel.nix
./kernel
./impermanence.nix
./gui.nix
./nixpkgs.nix
./networking
./networking.nix
./systemd.nix
./security.nix
./sops.nix
./user.nix
./sysctl.nix
./envfs.nix
./binfmt.nix
];
config =
{
services = { dbus.implementation = "broker"; fstrim.enable = true; };
services = { dbus.implementation = "broker"; fstrim.enable = true; acpid.enable = true; };
time.timeZone = "Asia/Shanghai";
boot =
{
@@ -28,21 +29,25 @@ inputs:
# consoleLogLevel = 7;
};
hardware.enableAllFirmware = true;
environment.sessionVariables = rec
environment =
{
XDG_CACHE_HOME = "$HOME/.cache";
XDG_CONFIG_HOME = "$HOME/.config";
XDG_DATA_HOME = "$HOME/.local/share";
XDG_STATE_HOME = "$HOME/.local/state";
# ANDROID_HOME = "${XDG_DATA_HOME}/android";
HISTFILE= "${XDG_STATE_HOME}/bash/history";
CUDA_CACHE_PATH = "${XDG_CACHE_HOME}/nv";
DOCKER_CONFIG = "${XDG_CONFIG_HOME}/docker";
GNUPGHOME = "${XDG_DATA_HOME}/gnupg";
GTK2_RC_FILES = "${XDG_CONFIG_HOME}/gtk-2.0/gtkrc";
XCOMPOSECACHE = "${XDG_CACHE_HOME}/X11/xcompose";
MATHEMATICA_USERBASE = "${XDG_CONFIG_HOME}/mathematica";
_JAVA_OPTIONS = "-Djava.util.prefs.userRoot=${XDG_CONFIG_HOME}/java";
sessionVariables = rec
{
XDG_CACHE_HOME = "$HOME/.cache";
XDG_CONFIG_HOME = "$HOME/.config";
XDG_DATA_HOME = "$HOME/.local/share";
XDG_STATE_HOME = "$HOME/.local/state";
# ANDROID_HOME = "${XDG_DATA_HOME}/android";
HISTFILE= "${XDG_STATE_HOME}/bash/history";
CUDA_CACHE_PATH = "${XDG_CACHE_HOME}/nv";
DOCKER_CONFIG = "${XDG_CONFIG_HOME}/docker";
GNUPGHOME = "${XDG_DATA_HOME}/gnupg";
GTK2_RC_FILES = "${XDG_CONFIG_HOME}/gtk-2.0/gtkrc";
XCOMPOSECACHE = "${XDG_CACHE_HOME}/X11/xcompose";
MATHEMATICA_USERBASE = "${XDG_CONFIG_HOME}/mathematica";
_JAVA_OPTIONS = "-Djava.util.prefs.userRoot=${XDG_CONFIG_HOME}/java";
};
variables.NIXOS_CONFIGURATION_REVISION = inputs.config.system.configurationRevision;
};
i18n =
{ defaultLocale = "C.UTF-8"; supportedLocales = [ "zh_CN.UTF-8/UTF-8" "en_US.UTF-8/UTF-8" "C.UTF-8/UTF-8" ]; };

6
modules/system/envfs.nix
View File

@@ -2,11 +2,11 @@ inputs:
{
options.nixos.system.envfs = let inherit (inputs.lib) mkOption types; in
{
enable = mkOption { type = types.bool; default = true; };
enable = mkOption { type = types.bool; default = false; };
};
config = inputs.lib.mkMerge
config = inputs.lib.mkIf inputs.config.nixos.system.envfs.enable (inputs.lib.mkMerge
[
(builtins.elemAt inputs.topInputs.envfs.nixosModules.envfs.imports 0 inputs)
{ environment.variables.ENVFS_RESOLVE_ALWAYS = "1"; }
];
]);
}

44
modules/system/fileSystems/default.nix
View File

@@ -60,7 +60,11 @@ inputs:
rollingRootfs = mkOption
{
type = types.nullOr (types.submodule { options =
{ device = mkOption { type = types.nonEmptyStr; }; path = mkOption { type = types.nonEmptyStr; }; }; });
{
device = mkOption { type = types.nonEmptyStr; default = "/dev/mapper/root"; };
path = mkOption { type = types.nonEmptyStr; default = "/nix/rootfs"; };
waitDevices = mkOption { type = types.listOf types.nonEmptyStr; default = []; };
};});
default = null;
};
};
@@ -227,6 +231,7 @@ inputs:
grep = "${inputs.pkgs.gnugrep}/bin/grep";
awk = "${inputs.pkgs.gawk}/bin/awk";
chattr = "${inputs.pkgs.e2fsprogs}/bin/chattr";
lsmod = "${inputs.pkgs.kmod}/bin/lsmod";
};
services.roll-rootfs =
{
@@ -235,21 +240,28 @@ inputs:
before = [ "local-fs-pre.target" "sysroot.mount" ];
unitConfig.DefaultDependencies = false;
serviceConfig.Type = "oneshot";
script = let inherit (fileSystems.rollingRootfs) device path; in
''
mount ${device} /mnt -m
if [ -f /mnt${path}/current/.timestamp ]
then
timestamp=$(cat /mnt${path}/current/.timestamp)
subvolid=$(btrfs subvolume show /mnt${path}/current | grep 'Subvolume ID:' | awk '{print $NF}')
mv /mnt${path}/current /mnt${path}/$timestamp-$subvolid
btrfs property set -ts /mnt${path}/$timestamp-$subvolid ro true
fi
btrfs subvolume create /mnt${path}/current
chattr +C /mnt${path}/current
echo $(date '+%Y%m%d%H%M%S') > /mnt${path}/current/.timestamp
umount /mnt
'';
script =
let
inherit (fileSystems.rollingRootfs) device path waitDevices;
waitDevice = concatStringsSep "\n" (builtins.map
(device: "while ! [ -e ${device} ]; do sleep 1; done") (waitDevices ++ [ device ]));
in
''
while ! lsmod | grep -q btrfs; do sleep 1; done
${waitDevice}
mount ${device} /mnt -m
if [ -f /mnt${path}/current/.timestamp ]
then
timestamp=$(cat /mnt${path}/current/.timestamp)
subvolid=$(btrfs subvolume show /mnt${path}/current | grep 'Subvolume ID:' | awk '{print $NF}')
mv /mnt${path}/current /mnt${path}/$timestamp-$subvolid
btrfs property set -ts /mnt${path}/$timestamp-$subvolid ro true
fi
btrfs subvolume create /mnt${path}/current
chattr +C /mnt${path}/current
echo $(date '+%Y%m%d%H%M%S') > /mnt${path}/current/.timestamp
umount /mnt
'';
};
};
}

7
modules/system/gui.nix
View File

@@ -17,9 +17,12 @@ inputs:
services.xserver =
{
enable = true;
displayManager = { sddm.enable = true; defaultSession = "plasmawayland"; };
displayManager =
{
sddm.enable = true;
defaultSession = "plasmawayland";
};
desktopManager.plasma5.enable = true;
videoDrivers = inputs.config.nixos.hardware.gpus;
};
systemd.services.display-manager = { after = [ "network-online.target" ]; enable = gui.autoStart; };
environment =

9
modules/system/kernel.nix → modules/system/kernel/default.nix
View File

@@ -2,6 +2,7 @@ inputs:
{
options.nixos.system.kernel = let inherit (inputs.lib) mkOption types; in
{
varient = mkOption { type = types.enum [ "lts" "latest" ]; default = "lts"; };
patches = mkOption { type = types.listOf types.nonEmptyStr; default = []; };
modules =
{
@@ -33,7 +34,11 @@ inputs:
extraModulePackages = (with inputs.config.boot.kernelPackages; [ v4l2loopback ]) ++ kernel.modules.install;
extraModprobeConfig = builtins.concatStringsSep "\n" kernel.modules.modprobeConfig;
kernelParams = [ "delayacct" "acpi_osi=Linux" "acpi.ec_no_wakeup=1" ];
kernelPackages = inputs.pkgs.linuxPackages_xanmod_latest;
kernelPackages =
{
lts = inputs.pkgs.linuxPackages_xanmod;
latest = inputs.pkgs.linuxPackages_xanmod_latest;
}.${kernel.varient};
kernelPatches =
let
patches =
@@ -55,6 +60,7 @@ inputs:
hashes =
{
"6.1" = "11ddiammvjxx2m9v32p25l1ai759a1d6xhdpszgnihv7g2fzigf5";
"6.6" = "19ib0syj3207ifr315gdrnpv6nhh435fmgl05c7k715nng40i827";
"6.7" = "1yfsmc0873xiwlirir0xfp9zyrpd09q1srgr3z4rl7i7lxzaqls8";
};
in hashes."${major}.${minor}";
@@ -121,6 +127,7 @@ inputs:
(builtins.readFile "${inputs.topInputs.linux-surface}/configs/surface-${version}.config")))))
[ "VIDEO_IPU3_IMGU" ];
in kernelPatches ++ [{ name = "surface-config"; patch = null; extraStructuredConfig = kernelConfig; }];
hibernate-progress = [{ name = "hibernate-progress"; patch = ./hibernate-progress.patch; }];
};
in builtins.concatLists (builtins.map (name: patches.${name}) kernel.patches);
};};

116
modules/system/kernel/hibernate-progress.patch Normal file
View File

@@ -0,0 +1,116 @@
diff --git a/kernel/power/swap.c b/kernel/power/swap.c
index d44f5937f1e5..8905c0438b64 100644
--- a/kernel/power/swap.c
+++ b/kernel/power/swap.c
@@ -552,7 +552,7 @@ static int save_image(struct swap_map_handle *handle,
hib_init_batch(&hb);
- pr_info("Saving image data pages (%u pages)...\n",
+ pr_err("Saving image data pages (%u pages)...\n",
nr_to_write);
m = nr_to_write / 10;
if (!m)
@@ -567,7 +567,7 @@ static int save_image(struct swap_map_handle *handle,
if (ret)
break;
if (!(nr_pages % m))
- pr_info("Image saving progress: %3d%%\n",
+ pr_err("Image saving progress: %3d%%\n",
nr_pages / m * 10);
nr_pages++;
}
@@ -577,7 +577,7 @@ static int save_image(struct swap_map_handle *handle,
if (!ret)
ret = err2;
if (!ret)
- pr_info("Image saving done\n");
+ pr_err("Image saving done\n");
swsusp_show_speed(start, stop, nr_to_write, "Wrote");
return ret;
}
@@ -767,8 +767,8 @@ static int save_image_lzo(struct swap_map_handle *handle,
*/
handle->reqd_free_pages = reqd_free_pages();
- pr_info("Using %u thread(s) for compression\n", nr_threads);
- pr_info("Compressing and saving image data (%u pages)...\n",
+ pr_err("Using %u thread(s) for compression\n", nr_threads);
+ pr_err("Compressing and saving image data (%u pages)...\n",
nr_to_write);
m = nr_to_write / 10;
if (!m)
@@ -789,7 +789,7 @@ static int save_image_lzo(struct swap_map_handle *handle,
data_of(*snapshot), PAGE_SIZE);
if (!(nr_pages % m))
- pr_info("Image saving progress: %3d%%\n",
+ pr_err("Image saving progress: %3d%%\n",
nr_pages / m * 10);
nr_pages++;
}
@@ -860,7 +860,7 @@ static int save_image_lzo(struct swap_map_handle *handle,
if (!ret)
ret = err2;
if (!ret)
- pr_info("Image saving done\n");
+ pr_err("Image saving done\n");
swsusp_show_speed(start, stop, nr_to_write, "Wrote");
out_clean:
hib_finish_batch(&hb);
@@ -1071,7 +1071,7 @@ static int load_image(struct swap_map_handle *handle,
hib_init_batch(&hb);
clean_pages_on_read = true;
- pr_info("Loading image data pages (%u pages)...\n", nr_to_read);
+ pr_err("Loading image data pages (%u pages)...\n", nr_to_read);
m = nr_to_read / 10;
if (!m)
m = 1;
@@ -1089,7 +1089,7 @@ static int load_image(struct swap_map_handle *handle,
if (ret)
break;
if (!(nr_pages % m))
- pr_info("Image loading progress: %3d%%\n",
+ pr_err("Image loading progress: %3d%%\n",
nr_pages / m * 10);
nr_pages++;
}
@@ -1099,7 +1099,7 @@ static int load_image(struct swap_map_handle *handle,
if (!ret)
ret = err2;
if (!ret) {
- pr_info("Image loading done\n");
+ pr_err("Image loading done\n");
snapshot_write_finalize(snapshot);
if (!snapshot_image_loaded(snapshot))
ret = -ENODATA;
@@ -1283,8 +1283,8 @@ static int load_image_lzo(struct swap_map_handle *handle,
}
want = ring_size = i;
- pr_info("Using %u thread(s) for decompression\n", nr_threads);
- pr_info("Loading and decompressing image data (%u pages)...\n",
+ pr_err("Using %u thread(s) for decompression\n", nr_threads);
+ pr_err("Loading and decompressing image data (%u pages)...\n",
nr_to_read);
m = nr_to_read / 10;
if (!m)
@@ -1414,7 +1414,7 @@ static int load_image_lzo(struct swap_map_handle *handle,
data[thr].unc + off, PAGE_SIZE);
if (!(nr_pages % m))
- pr_info("Image loading progress: %3d%%\n",
+ pr_err("Image loading progress: %3d%%\n",
nr_pages / m * 10);
nr_pages++;
@@ -1440,7 +1440,7 @@ static int load_image_lzo(struct swap_map_handle *handle,
}
stop = ktime_get();
if (!ret) {
- pr_info("Image loading done\n");
+ pr_err("Image loading done\n");
snapshot_write_finalize(snapshot);
if (!snapshot_image_loaded(snapshot))
ret = -ENODATA;

4
modules/system/networking/default.nix → modules/system/networking.nix
View File

@@ -1,9 +1,5 @@
inputs:
{
imports = inputs.localLib.mkModules
[
./nebula
];
options.nixos.system.networking = let inherit (inputs.lib) mkOption types; in
{
hostname = mkOption { type = types.nonEmptyStr; };

5
modules/system/networking/nebula/ca.crt
View File

@@ -1,5 +0,0 @@
-----BEGIN NEBULA CERTIFICATE-----
CkAKDm5lYnVsYS5jaG4ubW9lKLCXwacGMLD+xbYGOiDwt/rshddhDhyoSVl52cJA
LEgU1ea4Q4L28v/MVXOkUUABEkANATGg8DOPwHmwq6xN2DATxYDCibb5x3qSctHx
RIr8UAr2TlvOQfzoBw3v4DWsqaEC1U5Hw6iQsQp5sQ8DGU4O
-----END NEBULA CERTIFICATE-----

54
modules/system/networking/nebula/default.nix
View File

@@ -1,54 +0,0 @@
inputs:
{
options.nixos.system.networking.nebula = let inherit (inputs.lib) mkOption types; in
{
enable = mkOption { type = types.bool; default = false; };
# null: is lighthouse; non-empty string: is not lighthouse, and use this string as lighthouse address.
lighthouse = mkOption { type = types.nullOr types.nonEmptyStr; default = null; };
useRelay = mkOption { type = types.bool; default = false; };
};
config =
let
inherit (inputs.lib) mkIf;
inherit (inputs.config.nixos.system.networking) nebula;
inherit (builtins) concatStringsSep;
in mkIf nebula.enable
{
services.nebula.networks.nebula =
{
enable = true;
ca = ./ca.crt;
# nebula-cert sign -name 1p9p -ip 192.168.82.4/24
cert = ./. + "/${inputs.config.nixos.system.networking.hostname}.crt";
key = inputs.config.sops.templates."nebula/key-template".path;
firewall.inbound = [ { host = "any"; port = "any"; proto = "any"; } ];
firewall.outbound = [ { host = "any"; port = "any"; proto = "any"; } ];
}
// (
if nebula.lighthouse == null then { isLighthouse = true; isRelay = true; }
else
{
lighthouses = [ "192.168.82.1" ];
relays = if nebula.useRelay then [ "192.168.82.1" ] else [];
staticHostMap."192.168.82.1" = [ "${nebula.lighthouse}:4242" ];
}
);
sops =
{
templates."nebula/key-template" =
{
content = concatStringsSep "\n"
[
"-----BEGIN NEBULA X25519 PRIVATE KEY-----"
inputs.config.sops.placeholder."nebula/key"
"-----END NEBULA X25519 PRIVATE KEY-----"
];
owner = inputs.config.systemd.services."nebula@nebula".serviceConfig.User;
group = inputs.config.systemd.services."nebula@nebula".serviceConfig.Group;
};
secrets."nebula/key" = {};
};
networking.firewall.trustedInterfaces = [ "nebula.nebula" ];
systemd.services."nebula@nebula" = { after = [ "network-online.target" ]; serviceConfig.Restart = "always"; };
};
}

6
modules/system/networking/nebula/nas.crt
View File

@@ -1,6 +0,0 @@
-----BEGIN NEBULA CERTIFICATE-----
CmEKA25hcxIKhKShhQyA/v//DyiRxoCoBjCv/sW2BjoghACiJywxa2n7Aki9/HEU
q2KpxFE+1Eshcgiy09UagFxKICju+bVGfbNKKrhV7SCNXhazgyVZYigGrzfpvHza
nafWEkDfhP5lh+/rFLPZslxaU+jy1swpr+oipToAnZ9Lw5Wlefpmxo/8mTBb4a8T
0jhdUC8x4ETwta6LbtWfo7uPinAJ
-----END NEBULA CERTIFICATE-----

6
modules/system/networking/nebula/pc.crt
View File

@@ -1,6 +0,0 @@
-----BEGIN NEBULA CERTIFICATE-----
CmAKAnBjEgqDpKGFDID+//8PKO2hwacGMK/+xbYGOiB7i4bfFMM0+9q52Dj4/Y8h
0IaBkutBjmkeaLQ80a8FXEogKO75tUZ9s0oquFXtII1eFrODJVliKAavN+m8fNqd
p9YSQD7vjiZOcMzKvz98diLoX8PudoxsovuOrU22EEBvNi80Lhoi41axLsFORzDu
El34B/13QO0hi2tlviZvJbI91Ao=
-----END NEBULA CERTIFICATE-----

6
modules/system/networking/nebula/vps6.crt
View File

@@ -1,6 +0,0 @@
-----BEGIN NEBULA CERTIFICATE-----
CmIKBHZwczYSCoGkoYUMgP7//w8ohJnBpwYwr/7FtgY6IPKlZIGl2zkbjoEbmZho
7mMfTWkx0XppzZup96IROdJYSiAo7vm1Rn2zSiq4Ve0gjV4Ws4MlWWIoBq836bx8
2p2n1hJAOvcgC7UjiOGvq9oyv86vdrppIkjOxwz7znpDJAeNrxEURSTsmeCCB7BO
6rEQZ6b4kXqgRXr08OpBnW6FeMvFCA==
-----END NEBULA CERTIFICATE-----

6
modules/system/networking/nebula/vps7.crt
View File

@@ -1,6 +0,0 @@
-----BEGIN NEBULA CERTIFICATE-----
CmIKBHZwczcSCoKkoYUMgP7//w8o0tLQpwYwr/7FtgY6IAfUVax3Lgpt4p9jI4XE
kVkigGDyTo4jeMbTexago5oKSiAo7vm1Rn2zSiq4Ve0gjV4Ws4MlWWIoBq836bx8
2p2n1hJAQ9rquY/z2yiw6fuOCmBF4tT+358MnMd0S6p6fv5fivDsdj7mRLIvmtRl
NRQWKWoHePoivyLu89ZtvyQwFSNRAw==
-----END NEBULA CERTIFICATE-----

12
modules/system/nix.nix
View File

@@ -17,12 +17,13 @@ inputs:
system-features = [ "big-parallel" "nixos-test" "benchmark" ];
experimental-features = [ "nix-command" "flakes" ];
keep-failed = true;
max-substitution-jobs = 1;
max-substitution-jobs = 4;
trusted-public-keys = [ "chn:Cc+nowW1LIpe1kyXOZmNaznFDiH1glXmpb4A+WD/DTE=" ];
show-trace = true;
max-jobs = 1;
max-jobs = 4;
cores = 0;
keep-going = true;
keep-outputs = true;
};
systemd.services.nix-daemon = { serviceConfig.CacheDirectory = "nix"; environment.TMPDIR = "/var/cache/nix"; };
}
@@ -56,17 +57,18 @@ inputs:
}
# marches
{
nix.settings.system-features = map
nix.settings.system-features =
(map
(march: "gccarch-${march}")
(
if nix.marches == null then
(with inputs.config.nixos.system.nixpkgs; if march == null then [] else [ march ])
else nix.marches
);
))
++ (with inputs.config.nixos.system.nixpkgs; if march == null then [] else [ "nvhpcarch-${march}" ]);
}
# includeBuildDependencies
{
nix.settings.keep-outputs = nix.includeBuildDependencies;
system.includeBuildDependencies = nix.includeBuildDependencies;
}
# substituters

210
modules/system/nixpkgs.nix
View File

@@ -9,7 +9,6 @@ inputs:
capabilities = mkOption { type = types.nullOr (types.nonEmptyListOf types.nonEmptyStr); default = null; };
forwardCompat = mkOption { type = types.nullOr types.bool; default = null; };
};
replaceTensorflow = mkOption { type = types.bool; default = false; };
};
config =
let
@@ -18,141 +17,102 @@ inputs:
inherit (inputs.lib.strings) hasPrefix splitString;
inherit (inputs.localLib) mkConditional attrsToList;
inherit (inputs.config.nixos.system) nixpkgs;
in mkMerge
[
{
nixpkgs =
let
permittedInsecurePackages =
[ "openssl_1_1" "electron_19" "python2" "electron_12" "electron_24" "zotero" "electron_25" ];
hostPlatform = mkConditional (nixpkgs.march != null)
{ system = "x86_64-linux"; gcc = { arch = nixpkgs.march; tune = nixpkgs.march; }; }
"x86_64-linux";
noBuildPackages = [];
# noBuildPackages =
# [
# # chromium
# "chromium" "electron" "webkitgtk"
# # old python release
# "python310"
# # nodejs
# "nodejs"
# # haskell
# "haskell"
# # libreoffice
# "libreoffice" "libreoffice-qt" "libreoffice-fresh"
# # java
# "openjdk" "jetbrains"
# ];
in
in
{
nixpkgs =
let
permittedInsecurePackages =
[ "openssl_1_1" "electron_19" "python2" "electron_12" "electron_24" "zotero" "electron_25" ];
hostPlatform = if nixpkgs.march != null
then { system = "x86_64-linux"; gcc = { arch = nixpkgs.march; tune = nixpkgs.march; }; }
else "x86_64-linux";
cudaConfig = inputs.lib.optionalAttrs nixpkgs.cuda.enable
(
{ cudaSupport = true; }
// (inputs.lib.optionalAttrs (nixpkgs.cuda.capabilities != null)
{ cudaCapabilities = nixpkgs.cuda.capabilities; })
// (inputs.lib.optionalAttrs (nixpkgs.cuda.forwardCompat != null)
{ cudaForwardCompat = nixpkgs.cuda.forwardCompat; })
// (inputs.lib.optionalAttrs (nixpkgs.march != null) { nvhpcArch = nixpkgs.march; })
);
in
{
inherit hostPlatform;
config = cudaConfig //
{
inherit hostPlatform;
config =
{
permittedInsecurePackages = map
(package: inputs.pkgs.${package}.name)
(filter (package: inputs.pkgs ? ${package}) permittedInsecurePackages);
allowUnfree = true;
qchem-config = { optArch = nixpkgs.march; useCuda = nixpkgs.cuda.enable; };
oneapiArch = mkIf (nixpkgs.march != null) nixpkgs.march;
};
overlays =
[(final: prev:
let
genericPackages = import inputs.topInputs.nixpkgs
permittedInsecurePackages = map
(package: inputs.pkgs.${package}.name)
(filter (package: inputs.pkgs ? ${package}) permittedInsecurePackages);
allowUnfree = true;
qchem-config = { optArch = nixpkgs.march; useCuda = nixpkgs.cuda.enable; };
oneapiArch = mkIf (nixpkgs.march != null) nixpkgs.march;
};
overlays =
[(final: prev:
let
genericPackages = import inputs.topInputs.nixpkgs
{
system = "x86_64-linux";
config =
{
system = "x86_64-linux";
config =
{
allowUnfree = true;
permittedInsecurePackages = let pkgs = inputs.topInputs.nixpkgs.legacyPackages.x86_64-linux; in map
(package: pkgs.${package}.name)
(filter (package: pkgs ? ${package}) permittedInsecurePackages);
};
allowUnfree = true;
permittedInsecurePackages = let pkgs = inputs.topInputs.nixpkgs.legacyPackages.x86_64-linux; in map
(package: pkgs.${package}.name)
(filter (package: pkgs ? ${package}) permittedInsecurePackages);
};
targetPythonVersion = inputs.lib.lists.take 2 (splitString "." genericPackages.python3.version);
targetPythonName = "python${concatStringsSep "" targetPythonVersion}";
in
{ inherit genericPackages; }
// {
unstablePackages = import inputs.topInputs.nixpkgs-unstable
};
in
{ inherit genericPackages; }
// (
let
source =
{
unstablePackages = "nixpkgs-unstable";
"pkgs-23.05" = "nixpkgs-23.05";
"pkgs-22.11" = "nixpkgs-22.11";
"pkgs-22.05" = "nixpkgs-22.05";
};
packages = name: import inputs.topInputs.${source.${name}}
{
localSystem = hostPlatform;
config =
config = cudaConfig //
{
allowUnfree = true;
permittedInsecurePackages =
let pkgs = inputs.topInputs.nixpkgs-unstable.legacyPackages.x86_64-linux;
let pkgs = inputs.topInputs.${source.${name}}.legacyPackages.x86_64-linux;
in map
(package: pkgs.${package}.name)
(filter (package: pkgs ? ${package}) permittedInsecurePackages);
};
};
}
// (
if nixpkgs.march != null then
let replacedPackages = filter
(package: let pname = tryEval genericPackages.${package}.pname or null;
in (pname.success && (builtins.elem pname.value noBuildPackages)
|| builtins.elem package noBuildPackages))
(filter
(package: builtins.any (prefix: hasPrefix prefix package) noBuildPackages)
(attrNames genericPackages));
in listToAttrs (map
(package: { name = package; value = genericPackages.${package}; })
replacedPackages)
else {}
)
// (
if nixpkgs.march != null then
{ embree = prev.embree.override { stdenv = final.genericPackages.stdenv; }; }
else {}
)
// (
if nixpkgs.replaceTensorflow then
{
${targetPythonName} = prev.${targetPythonName}.override { packageOverrides = final: prev:
{
tensorflow = prev.tensorflow.override
{
cudaSupport = false;
customBazelBuild = genericPackages.${targetPythonName}.pkgs.tensorflow.passthru.bazel-build;
};
};};
}
else {}
)
)];
};
programs.ccache = { enable = true; cacheDir = "/var/lib/ccache"; };
nix.settings.extra-sandbox-paths = [ inputs.config.programs.ccache.cacheDir ];
boot.kernelPatches = mkIf (nixpkgs.march != null)
[{
name = "native kernel";
patch = null;
extraStructuredConfig =
let
kernelConfig =
{
alderlake = "MALDERLAKE";
sandybridge = "MSANDYBRIDGE";
silvermont = "MSILVERMONT";
broadwell = "MBROADWELL";
skylake = "MSKYLAKE";
znver2 = "MZEN2";
znver3 = "MZEN3";
znver4 = "MZEN4";
};
in { GENERIC_CPU = inputs.lib.kernel.no; ${kernelConfig.${nixpkgs.march}} = inputs.lib.kernel.yes; };
}];
}
{
nixpkgs.config = mkIf nixpkgs.cuda.enable
(
{ cudaSupport = true; }
// (if nixpkgs.cuda.capabilities != null then { cudaCapabilities = nixpkgs.cuda.capabilities; } else {})
// (if nixpkgs.cuda.forwardCompat != null then { cudaForwardCompat = nixpkgs.cuda.forwardCompat; }
else {}));
}
];
in builtins.listToAttrs (map
(name: { inherit name; value = packages name; }) (builtins.attrNames source))
)
// (inputs.lib.optionalAttrs (nixpkgs.march != null)
{ embree = prev.embree.override { stdenv = final.genericPackages.stdenv; }; })
)];
};
programs.ccache = { enable = true; cacheDir = "/var/lib/ccache"; };
nix.settings.extra-sandbox-paths = [ inputs.config.programs.ccache.cacheDir ];
boot.kernelPatches = mkIf (nixpkgs.march != null)
[{
name = "native kernel";
patch = null;
extraStructuredConfig =
let
kernelConfig =
{
alderlake = "MALDERLAKE";
sandybridge = "MSANDYBRIDGE";
silvermont = "MSILVERMONT";
broadwell = "MBROADWELL";
skylake = "MSKYLAKE";
znver2 = "MZEN2";
znver3 = "MZEN3";
znver4 = "MZEN4";
};
in { GENERIC_CPU = inputs.lib.kernel.no; ${kernelConfig.${nixpkgs.march}} = inputs.lib.kernel.yes; };
}];
environment.systemPackages = mkIf nixpkgs.cuda.enable [ inputs.pkgs.cudatoolkit ];
};
}

2
modules/system/sops.nix
View File

@@ -14,7 +14,7 @@ inputs:
sops =
{
defaultSopsFile =
"${inputs.topInputs.self}/secrets/${inputs.config.nixos.system.networking.hostname}/default.yaml";
"${inputs.topInputs.self}/devices/${inputs.config.nixos.system.networking.hostname}/secrets/default.yaml";
# sops start before impermanence, so we need to use the absolute path
age.sshKeyPaths = [ "${sops.keyPathPrefix}/etc/ssh/ssh_host_ed25519_key" ];
gnupg.sshKeyPaths = [ "${sops.keyPathPrefix}/etc/ssh/ssh_host_rsa_key" ];

2
modules/system/user.nix
View File

@@ -13,6 +13,8 @@ inputs:
yjq = 1002;
yxy = 1003;
zem = 1004;
gb = 1005;
test = 1006;
misskey-misskey = 2000;
misskey-misskey-old = 2001;
frp = 2002;

7
modules/users/chn/default.nix
View File

@@ -11,7 +11,7 @@ inputs:
users.users.chn =
{
extraGroups = inputs.lib.intersectLists
[ "adbusers" "networkmanager" "wheel" "wireshark" "libvirtd" "video" "audio" "groupshare" ]
[ "users" "adbusers" "networkmanager" "wheel" "wireshark" "libvirtd" "video" "audio" "groupshare" ]
(builtins.attrNames inputs.config.users.groups);
shell = inputs.pkgs.zsh;
autoSubUidGidRange = true;
@@ -46,7 +46,10 @@ inputs:
}
// (listToAttrs (map
(system: { name = system; value.forwardAgent = true; })
[ "vps6" "wireguard.vps6" "vps7" "wireguard.vps7" "wireguard.pc" "nas" "wireguard.nas" ]));
[
"vps6" "wireguard.vps6" "vps7" "wireguard.vps7" "wireguard.pc" "nas" "wireguard.nas"
"wireguard.surface" "xmupc1" "wireguard.xmupc1"
]));
};
home.packages =
[

77
modules/users/chn/plasma/autostart.nix Normal file
View File

@@ -0,0 +1,77 @@
inputs:
{
config = inputs.lib.mkIf inputs.config.nixos.system.gui.enable
{
home-manager.users.chn.config.home.file =
let
programs =
{
nheko = rec
{
fileName = "nheko.desktop";
path = inputs.pkgs.writeText fileName (builtins.replaceStrings
[ "Exec=nheko %u" ] [ "Exec=bash -c 'sleep 5 && nheko'" ]
(builtins.readFile "${inputs.pkgs.nheko}/share/applications/${fileName}"));
};
kclockd = rec
{
fileName = "org.kde.kclockd-autostart.desktop";
path = "${inputs.pkgs.plasma5Packages.kdeGear.kclock}/etc/xdg/autostart/${fileName}";
};
yakuake = rec
{
fileName = "org.kde.yakuake.desktop";
path = "${inputs.pkgs.yakuake}/share/applications/${fileName}";
};
telegram = rec
{
fileName = "org.telegram.desktop.desktop";
path = inputs.pkgs.writeText fileName (builtins.replaceStrings
[ "Exec=telegram-desktop -- %u" ] [ "Exec=bash -c 'sleep 5 && telegram-desktop -autostart'" ]
(builtins.readFile "${inputs.pkgs.telegram-desktop}/share/applications/${fileName}"));
};
element = rec
{
fileName = "element-desktop.desktop";
path = inputs.pkgs.writeText fileName (builtins.replaceStrings
[ "Exec=element-desktop %u" ] [ "Exec=element-desktop --hidden" ]
(builtins.readFile "${inputs.pkgs.element-desktop.desktopItem}/share/applications/${fileName}"));
};
kmail = rec
{
fileName = "org.kde.kmail2.desktop";
path = "${inputs.pkgs.kmail}/share/applications/${fileName}";
};
discord = rec
{
fileName = "discord.desktop";
path = inputs.pkgs.writeText fileName (builtins.replaceStrings
[ "Exec=Discord" ] [ "Exec=Discord --start-minimized" ]
(builtins.readFile "${inputs.pkgs.discord.desktopItem}/share/applications/${fileName}"));
};
crow-translate = rec
{
fileName = "io.crow_translate.CrowTranslate.desktop";
path = "${inputs.pkgs.crow-translate}/share/applications/${fileName}";
};
};
devices =
{
pc = [ "nheko" "kclockd" "yakuake" "telegram" "element" "kmail" "discord" "crow-translate" ];
surface = [ "kclockd" "yakuake" "telegram" "element" "crow-translate" ];
};
in builtins.listToAttrs (builtins.map
(file:
{
name = ".config/autostart/${programs.${file}.fileName}";
value.source = programs.${file}.path;
})
(devices.${inputs.config.nixos.system.networking.hostname} or []));
environment.persistence =
let impermanence = inputs.config.nixos.system.impermanence;
in inputs.lib.mkIf impermanence.enable
{
"${impermanence.root}".users.chn.directories = [ ".config/autostart" ];
};
};
}

63
modules/users/chn/plasma/autostart/default.nix
View File

@@ -1,63 +0,0 @@
inputs:
{
config = inputs.lib.mkIf inputs.config.nixos.system.gui.enable
{
home-manager.users.chn.config.home.file =
let
programs =
{
nheko =
let
drv = inputs.pkgs.writeTextDir "nheko.desktop" (builtins.replaceStrings
[ "Exec=nheko %u" ] [ "Exec=bash -c 'sleep 5 && nheko'" ]
(builtins.readFile "${inputs.pkgs.nheko}/share/applications/nheko.desktop"));
in "${drv}/nheko.desktop";
kclockd = "${inputs.pkgs.plasma5Packages.kdeGear.kclock}/etc/xdg/autostart/org.kde.kclockd-autostart.desktop";
yakuake = "${inputs.pkgs.yakuake}/share/applications/org.kde.yakuake.desktop";
telegram =
let
drv = inputs.pkgs.writeTextDir "org.telegram.desktop.desktop" (builtins.replaceStrings
[ "Exec=telegram-desktop -- %u" ] [ "Exec=bash -c 'sleep 5 && telegram-desktop -autostart'" ]
(builtins.readFile "${inputs.pkgs.telegram-desktop}/share/applications/org.telegram.desktop.desktop"));
in "${drv}/org.telegram.desktop.desktop";
element =
let
drv = inputs.pkgs.writeTextDir "element-desktop.desktop" (builtins.replaceStrings
[ "Exec=element-desktop %u" ] [ "Exec=element-desktop --hidden" ]
(builtins.readFile
"${inputs.pkgs.element-desktop.desktopItem}/share/applications/element-desktop.desktop"));
in "${drv}/element-desktop.desktop";
# kmail =
# let
# drv = inputs.pkgs.writeTextDir "org.kde.kmail2.desktop" (builtins.replaceStrings
# [ "Exec=kmail -qwindowtitle %c %u" ] [ "Exec=bash -c 'sleep 5 && kmail -qwindowtitle'" ]
# (builtins.readFile "${inputs.pkgs.kmail}/share/applications/org.kde.kmail2.desktop"));
# in "${drv}/org.kde.kmail2.desktop";
kmail = "${inputs.pkgs.kmail}/share/applications/org.kde.kmail2.desktop";
discord =
let
drv = inputs.pkgs.writeTextDir "discord.desktop" (builtins.replaceStrings
[ "Exec=Discord" ] [ "Exec=Discord --start-minimized" ]
(builtins.readFile "${inputs.pkgs.discord.desktopItem}/share/applications/discord.desktop"));
in "${drv}/discord.desktop";
};
devices =
{
pc = [ "nheko" "kclockd" "yakuake" "telegram" "element" "kmail" "discord" ];
surface = [ "kclockd" "yakuake" "telegram" "element" ];
};
in builtins.listToAttrs (builtins.map
(file:
{
name = ".config/autostart/${builtins.baseNameOf (builtins.unsafeDiscardStringContext programs.${file})}";
value.source = programs.${file};
})
(devices.${inputs.config.nixos.system.networking.hostname} or []));
environment.persistence =
let impermanence = inputs.config.nixos.system.impermanence;
in inputs.lib.mkIf impermanence.enable
{
"${impermanence.root}".users.chn.directories = [ ".config/autostart" ];
};
};
}

17
modules/users/chn/plasma/autostart/org.telegram.desktop.desktop
View File

@@ -1,17 +0,0 @@
[Desktop Entry]
Name=Telegram Desktop
Comment=Official desktop version of Telegram messaging app
TryExec=telegram-desktop
Exec=bash -c "sleep 5 && telegram-desktop -autostart"
Icon=telegram
Terminal=false
StartupWMClass=TelegramDesktop
Type=Application
Categories=Chat;Network;InstantMessaging;Qt;
MimeType=x-scheme-handler/tg;
Keywords=tg;chat;im;messaging;messenger;sms;tdesktop;
Actions=quit;
DBusActivatable=true
SingleMainWindow=true
X-GNOME-UsesNotifications=true
X-GNOME-SingleWindow=true

92
modules/users/chn/plasma/default.nix
View File

@@ -1,94 +1,4 @@
inputs:
{
imports = inputs.localLib.mkModules [ ./autostart ./wallpaper ./konsole.nix ./shortcuts.nix ./theme.nix ];
config = inputs.lib.mkIf inputs.config.nixos.system.gui.enable
{
home-manager.users.chn.config.programs.plasma = inputs.lib.mkMerge
[
# TODO: autostart, panel, discard user changed settings
# general
{
enable = true;
configFile.plasma-localerc = { Formats.LANG = "en_US.UTF-8"; Translations.LANGUAGE = "zh_CN"; };
}
# kwin
{
kwin.titlebarButtons.right = [ "help" "keep-below-windows" "keep-above-windows" "minimize" "maximize" "close" ];
windows.allowWindowsToRememberPositions = false;
configFile =
{
plasmanotifyrc.Notifications.PopupPosition = "BottomRight";
kwinrc =
{
Tiling.padding = 4;
Wayland."InputMethod[$e]" = "/run/current-system/sw/share/applications/org.fcitx.Fcitx5.desktop";
Windows.RollOverDesktops = true;
Compositing = { AllowTearing = false; WindowsBlockCompositing = false; };
};
};
}
# baloo
{ configFile.baloofilerc."Basic Settings".Indexing-Enabled = false; }
# dolphin and file chooser
{
configFile =
{
dolphinrc =
{
General = { ShowFullPath = true; FilterBar = true; RememberOpenedTabs = false; };
PreviewSettings.Plugins = builtins.concatStringsSep ","
[
"blenderthumbnail"
"comicbookthumbnail"
"djvuthumbnail"
"ebookthumbnail"
"exrthumbnail"
"marble_thumbnail_geojson"
"marble_thumbnail_gpx"
"jpegthumbnail"
"marble_thumbnail_kmz"
"marble_thumbnail_kml"
"kraorathumbnail"
"windowsimagethumbnail"
"windowsexethumbnail"
"mltpreview"
"mobithumbnail"
"opendocumentthumbnail"
"marble_thumbnail_osm"
"palathumbcreator"
"gsthumbnail"
"rawthumbnail"
"svgthumbnail"
"imagethumbnail"
"fontthumbnail"
"directorythumbnail"
"textthumbnail"
"webarchivethumbnail"
"ffmpegthumbs"
"audiothumbnail"
];
};
kdeglobals."KFileDialog Settings" =
{
"Allow Expansion" = true;
"Automatically select filename extension" = true;
"Show Bookmarks" = true;
"Show Full Path" = true;
"Show Inline Previews" = true;
"Show Preview" = true;
"Show Speedbar" = true;
"Show hidden files" = true;
"Sort by" = "Name";
"Sort directories first" = true;
"Sort hidden files last" = true;
"View Style" = "DetailTree";
};
};
}
# krunner
{ configFile.krunnerrc = { General.FreeFloating = true; Plugins.baloosearchEnabled = false; }; }
# lock screen
{ configFile.kscreenlockerrc.Daemon.Autolock = false; }
];
};
imports = inputs.localLib.mkModules [ ./autostart.nix ./wallpaper ./shortcuts.nix ./theme.nix ];
}

81
modules/users/chn/plasma/konsole.nix
View File

@@ -1,81 +0,0 @@
inputs:
{
config = inputs.lib.mkIf inputs.config.nixos.system.gui.enable
{
home-manager.users.chn.config =
{
programs.plasma =
{
overrideConfig = true;
overrideConfigFiles = [ "konsolerc" "yakuakerc" ];
configFile =
{
yakuakerc =
{
Appearance =
{
HideSkinBorders = true;
Skin = "Slate";
Translucency = true;
};
"Desktop Entry".DefaultProfile = "plasma-manager.profile";
Dialogs.FirstRun = false;
Window =
{
KeepOpen = false;
KeepOpenAfterLastSessionCloses = true;
ShowSystrayIcon = false;
};
};
konsolerc =
{
"Desktop Entry".DefaultProfile = "plasma-manager.profile";
"MainWindow.Toolbar sessionToolbar".ToolButtonStyle = "IconOnly";
};
};
dataFile."konsole/plasma-manager.profile" =
{
Appearance =
{
AntiAliasFonts = true;
BoldIntense = true;
ColorScheme = "Breeze";
Font = "FiraCode Nerd Font Mono,10,-1,5,50,0,0,0,0,0";
UseFontLineChararacters = true;
WordModeAttr = false;
};
"Cursor Options".CursorShape = 1;
General =
{
Name = "plasma-manager";
Parent = "FALLBACK/";
TerminalCenter = true;
TerminalMargin = 1;
};
"Interaction Options" =
{
AutoCopySelectedText = true;
TrimLeadingSpacesInSelectedText = true;
TrimTrailingSpacesInSelectedText = true;
UnderlineFilesEnabled = true;
};
Scrolling =
{
HistoryMode = 2;
ReflowLines = false;
};
"Terminal Features".BlinkingCursorEnabled = true;
};
};
home.file.".local/share/konsole/Breeze.colorscheme".text = builtins.replaceStrings
[ "Opacity=1" ] [ "Opacity=0.9\nBlur=true" ]
(builtins.readFile "${inputs.pkgs.konsole}/share/konsole/Breeze.colorscheme");
};
environment.persistence =
let impermanence = inputs.config.nixos.system.impermanence;
in inputs.lib.mkIf impermanence.enable
{
"${impermanence.root}".users.chn.directories = [ ".local/share/konsole" ".local/share/yakuake" ];
};
};
}

22
modules/users/chn/plasma/shortcuts.nix
View File

@@ -4,6 +4,8 @@ inputs:
{
home-manager.users.chn.config.programs.plasma =
{
overrideConfig = true;
overrideConfigFiles = [ "kglobalshortcutsrc" "khotkeysrc" ];
spectacle.shortcuts.captureRectangularRegion = "Print";
shortcuts = inputs.lib.mkMerge
[
@@ -45,11 +47,11 @@ inputs:
"Suspend Compositing" = "Alt+Shift+F12";
"Walk Through Windows" = "Alt+Tab";
"Walk Through Windows (Reverse)" = "Alt+Shift+Backtab";
"Window Above Other Windows" = "Meta+Shift+PgUp";
"Window Below Other Windows" = "Meta+Shift+PgDown";
"Window Above Other Windows" = "Meta+Shift+Up";
"Window Below Other Windows" = "Meta+Shift+Down";
"Window Close" = "Alt+F4";
"Window Maximize" = "Meta+PgUp";
"Window Minimize" = "Meta+PgDown";
"Window Maximize" = "Meta+Ctrl+Up";
"Window Minimize" = "Meta+Ctrl+Down";
"Window Operations Menu" = "Alt+F3";
"Window Quick Tile Bottom" = "Meta+Down";
"Window Quick Tile Left" = "Meta+Left";
@@ -61,14 +63,10 @@ inputs:
{
kwin =
{
"Switch One Desktop Down" = "Meta+Ctrl+Down";
"Switch One Desktop Up" = "Meta+Ctrl+Up";
"Switch One Desktop to the Left" = "Meta+Ctrl+Left";
"Switch One Desktop to the Right" = "Meta+Ctrl+Right";
"Window One Desktop Down" = "Meta+Ctrl+Shift+Down";
"Window One Desktop Up" = "Meta+Ctrl+Shift+Up";
"Window One Desktop to the Left" = "Meta+Ctrl+Shift+Left";
"Window One Desktop to the Right" = "Meta+Ctrl+Shift+Right";
"Switch One Desktop to the Left" = [ "Ctrl+PgUp" "Ctrl+Num+PgUp" ];
"Switch One Desktop to the Right" = [ "Ctrl+PgDown" "Ctrl+Num+PgDown" ];
"Window One Desktop to the Left" = [ "Meta+Ctrl+PgUp" "Meta+Ctrl+Num+PgUp" ];
"Window One Desktop to the Right" = [ "Meta+Ctrl+PgDown" "Meta+Ctrl+Num+PgDown" ];
};
}
# media

BIN
modules/users/chn/plasma/wallpaper/fanbox-5405326.png LFS Normal file
View File

Binary file not shown.

BIN
modules/users/chn/plasma/wallpaper/fanbox-6682738.png LFS Normal file
View File

Binary file not shown.

BIN
modules/users/chn/plasma/wallpaper/pixiv-111392869.png LFS Normal file
View File

Binary file not shown.

BIN
modules/users/chn/plasma/wallpaper/pixiv-84287955.png LFS Normal file
View File

Binary file not shown.

BIN
modules/users/chn/plasma/wallpaper/pixiv-96734339.png LFS Normal file
View File

Binary file not shown.

BIN
modules/users/chn/plasma/wallpaper/twitter-1476842308473868289-x4.png LFS Normal file
View File

Binary file not shown.

Some files were not shown because too many files have changed in this diff Show More